Logins: The Last 4 of Your SSN
Sam Rhea hosts a casual fireside chat with Cloudflare employees to learn how their careers got started — and where their newfound access took them.
Transcript (Beta)
Hello and good morning. You're watching Logins. Hey James. Hey Justina. How are y 'all?
Good. Hello. Thank you for being here. This is Logins. This is a program where we learn more about members of the Cloudflare team and their career journeys by starting with some silly questions about logins and passwords and credentials.
Today, we have two guests, two people I'm really excited to learn more about Justina and James.
Justina is a member of our Lisbon office, James in our London office, but we're going to learn a lot more about what they do and how they arrived at their roles here at Cloudflare.
So thank you both for being on. Everything going well so far today?
Yes. Yeah, very much so. Fantastic. Yeah, excited to be here.
Thanks for the invite, Sam. Well, thank you for agreeing. We always start alphabetically with the first name of one of the guests, which puts James, you up first.
You ready to chat? I am indeed. Let's go. All right. Well, can you introduce yourself and what you do at Cloudflare?
Sure. So I'm James Crocker. I've been at Cloudflare for four years now, so a fair amount of time.
I lead the solution engineering group for EMEA.
So based out of London, big team. It's a great role.
We get to work with customers, get to help them adopt what we do, and we get to play with the stuff that you build or we build.
Yeah, it's a lot of fun. And when the solutions engineering group, when you're working with customers, is that the deployment or after the deployment or all the above?
What's the role encompassed? All of the above.
Solution engineering, we start really early, kind of working with customers, understanding what their problems are, really, and then how we fit those problems, and then we help them fix those problems, and then we make sure that they're successful for the long term.
Fantastic. Well, I know on the product team, we are grateful for you all because you help us connect what we're building, especially for those of us who are building some newer products, help us get those out there and get feedback on them and make them better.
Yeah, you do a great job of delivering that.
So thank you. We'll keep up the pace for you. Going back in time a little bit, though, before you were running the solutions engineering group there in London, what was your first job?
That goes back a really long time now.
I'm getting on a bit. My first job, I worked in a boatyard. A boatyard? Yeah, so on the River Thames, a long time ago.
It was great. It started as a weekend job, which was fantastic as a 15-year-old kid getting to play with boats.
What kind of boats?
Leisure boats, like tours that you would go out on? Mostly leisure boats, like 20-foot type motor boats really was the predominant thing.
It was a marina, it was a chandelier, and they had a bit of a wholesale business as well.
So my career started there.
I went from weekend work into IT, and that was my first real job in IT there.
And what did you do there for IT in the wholesale business? There was probably about 20 people.
They all had computers of some kind. Helping them, I guess, do the basics.
Buying new computers, getting them set up, fix the networking problems that came up.
Implementing, it sounds really big now at the time for a boatyard, but implementing an ERM at some point and getting involved in that.
Because they turned into having a big export business, ultimately. Very interesting.
And I assume then that put you kind of as the custodian of passwords and keys as someone responsible for this fairly sophisticated 20-person ERM and IT deployment.
Kind of. There's a couple of us that were doing this, and I guess the first password was really a terrible example.
It was one of those ones that just everyone used.
It was called the ERM, and it was in the top five of the most commonly used passwords in the world.
Horrific, and it was kind of just funny because it was getting into the stock account system.
Was that something that at that age you recognized, like, oh, this should be better, or were you just like, this is the quickest path?
Not immediately. I think as I got moved on from being a 15-year-old and actually taking IT a little bit more seriously, yeah, I recognized that, and everyone had their own accounts, ultimately.
And we grew up as an organization as well, so the ERM really kind of changed that.
I want to talk about it because you asked for stories.
It was a horrific thing with passwords and account management with the ERM that got implemented that we found.
And actually, the company showed us this, but they put a lot of emphasis on users and accounts and passwords.
But if you're using the right console emulator, you could break to the code, so you could type in your username, go to a console in that same session, and say, go to line 110 and skip the password check.
Oh, good for you. Basically, as any user, which was horrific, but that is something I really remember 20-odd years later, the importance of good security in IT.
That's terrifying, but a good reminder.
A long time ago. What was the first time you were given access to something that intimidated you?
Like, oh, no, someone has put too much trust in me, or this is scary.
Yeah, it probably wasn't in this job. I mean, maybe it should have been, because I didn't really understand the importance of access systems.
But I then, in one of my other jobs, I was working for a pharmaceutical company.
So these are, you know, big 40,000 employee organizations making very expensive drugs and having access to these systems, ultimately making pharmaceuticals.
And again, it was eye -opening, the level of trust they gave me in doing this.
And what made you more comfortable with that level of responsibility?
How did that evolve over time? So, it was more kind of an experience thing, I think.
You know, it wasn't just the security, but there was a lot of evolution at that time in account security.
So obviously strong passwords were a big thing.
So that was great seeing, you know, working for a serious company.
There were still some, you know, root passwords that were still shared. That was really interesting, and actually getting the exposure to run that project for all the Unix systems and switching to better account security and implementing sudo, that kind of thing, around the region.
I think just running that really gave me the insight and the comfort that things can be better than shared passwords.
That's fantastic. Well, to rewind a little bit, because I feel like I skipped some steps from boat doc to multinational pharmaceutical.
Right. How did that kind of progress?
What led you there? Yeah, great. So, when I got to like 18, it was time to go to university.
I actually ended up switching course in Delaney and carried on working IT for 12 months before then going to university, doing my degree in networking and computer systems.
And during one of the summers at university, I actually got a placement at IBM.
So I wasn't quite up here. It's a company called secret who made service systems that got acquired by IBM, which is kind of the in between step to then going to be a major organization, which is also part of my degree.
Actually, that was a placement year.
And so you started your career there at IBM after the acquisition? No, IBM was the summer placement.
That was really kind of interesting as well, because, you know, one company being swallowed by another one and changes and process changes.
And even though I was only there for like three or four months, it was a really interesting experience because that was a real big business.
And then, yeah, then my placement year was at the pharmaceutical, which I then went back to once I graduated.
And when did you arrive at Cloudflare? Like 13 years later. So after I left the pharmaceutical, I went to a hardware vendor that was actually in a really similar space to what Cloudflare does very much around network security, application security, performance and delivery.
But more from the traditional box in a data center perspective.
I love the tech stack that I worked with. I knew that I wanted to keep doing that, but I knew that the world was changing.
Things were going to be delivered differently.
I wanted the next challenge, which is where Cloudflare really ticked all the boxes for me.
It was the right culture, the right tech stack, product set and direction.
How long ago was that that you came to Cloudflare?
Four years ago. Four years. OK, so that makes you kind of a veteran at a company that's grown this fast.
I guess kind of. It was one of the things that, you know, everyone that joins thinks they kind of missed the boat in being the top tier.
Even back then, I was thinking that and people were thinking that at the time. But it's been a real wild journey.
What role did you join? What role did you have when you first joined?
Like, what did you enter Cloudflare as? Yeah, I joined as an SE.
And then not so long later, I kind of started running the team and then running the EMEA team a little bit after that.
And you mentioned kind of what attracted you about being part of Cloudflare, but how did Cloudflare come across your radar?
How did it enter the picture?
Yeah, not authentication. Actually, it was with certs and SSL and certificates.
And back in my previous business, you know, doing things on the Internet and with customers and spotting certificates that had, you know, a lot of names on as part of the universe as well.
Not really understanding what that was.
Looking to find out how that could possibly be on the Internet. You know, someone representing a bank in Australia, as well as, you know, a small mom and pop shop in the US.
That was really intriguing. And then as a result of that, finding the blog on Cloudflare, which is, you know, it's a great read.
If you don't read it, you really should.
But it's technical. It's relatable. It's informative.
And yeah, that's kind of what really put Cloudflare on my radar as somewhere that I might want to work.
Just the transparency and communication. That's fantastic.
The blog continues, I think, to be one of, it's both, I enjoy reading it. It's also, so many people I've spoken with who, that was how Cloudflare first got on their radar.
That was how they came to know the company now. And now, like you, they're team members.
So, I love that. You've certainly been at Cloudflare long enough to know some of our own dogfooding experiences with authentication systems.
Do you remember, especially being an SE, knowing that the tools that you're trying out are going to be things ultimately we want to help customers use and help solve customer problems?
What's that experience like dogfooding tools like that as an SE? Yes, I got involved in the access stuff at Cloudflare probably even before we were dogfooding it, I think.
Because it's something I've been doing before, really kind of trying to work and at least relay my experience of how customers were using this that I'd seen in my experience.
So, it's great to have that ability to influence it holistically.
But then, the actual dogfooding experience, honestly, was pretty easy.
It was non-disruptive. It was non-challenging. So, we got to play with it internally, but Cloudflare was obviously rolling it out as well externally.
And it didn't disrupt anything for me. So, obviously, we could see it. And if anything, it was just an easier way of working whilst we're playing with it, even in its early, early days.
And I'm sure dogfooding is a part of that. But when there's a new product coming to market from Cloudflare, what's the best way for you as an SE or for your team of SEs to learn about it beyond just dogfooding?
How do you all like to become more familiar with it before we start turning around and helping customers with it?
The most valuable thing, I think, that we do is we try and break it, which is valuable for you.
But breaking things is where we learn about the nuts and bolts of where it's strong, where it's not strong.
What are the use cases that it actually makes sense for?
So, yeah, getting hands -on and pulling it apart.
That's really how we prepare for taking to market. And then once we've got that comfortable, that's where we really try and understand the external market as well and how it compares with what else is out there, ultimately.
Well, the feedback from your team, especially when they break it, is some of the most valuable that we've come across.
So, I'm really grateful for that. One kind of closer to the end, and then we'll get to hear from Justyna for a bit.
One question I do have, though, is what advice would you give to boat doc James Crocker about your career journey?
Like, going back in time, if you could share some wisdom there on the Thames, what would it be?
Yeah, it's probably a little bit cliche, but I'm thinking about it as kind of embracing change, expecting change.
Change is inevitable. It's going to happen. Making sure that the things that change are changing in the right direction and for the better.
And this applies to lots of things.
It applies to your career. Don't necessarily be stagnant from a career perspective.
If you're feeling stagnated, you probably are. And you should look at what you want to be doing that makes you get out of bed and go to work, ultimately.
It's really, really important. So, embracing that. But then kind of on the technology perspective, things like authentication.
And I don't really mean what the protocols involved are, but these things are involved.
Holistically, they're going to change, but how do they not impact, ultimately, business?
Because that's what we're here to support. So, when you're changing, don't break things outside of what you're trying to change directly.
Focus on the problem.
Yeah, exactly. Fantastic. Well, James, thank you so much for sharing your journey and your answers.
I love the start of your career on a boat dock that led to IT.
It's not the first story where someone was starting as a teenager and kind of a summer job, and someone asked them to help out with a computer system nearby, and that began their IT career.
So, I love that that's a theme on this program. Awesome.
Cool. Well, James, Justyna is another member of the Cloudflare team that those of us in the product org are so grateful to have.
Because, like James, she's able to help our customers understand how to use products and solve problems.
So, I'm really excited to get to chat with you today, Justyna. Can you hear me okay?
Yeah, I can hear you fine. Wonderful. How are you doing? What? How are you doing today?
I'm doing great today. Like, it's another awesome day in Lisbon, so great to have you over here.
Yeah. To Dubai? To Dubai. Well, could you introduce yourself and what you do at Cloudflare?
Okay. So, I'm Justyna. I'm currently in the Lisbon team.
I'm in the customer support role. So, I'm the team lead in the Lisbon team for the technical support engineers here.
And I know it's fun to be on the Lisbon team together, but I think you're also one of the few people at Cloudflare who's worked now in at least three different offices.
Is that right? That's correct.
Actually, I used to be in the same office as James. So, we were in London together when I first started in Cloudflare.
And after around a year, then I moved to Singapore and I could help support the Chinese speaking customer over there.
And now I'm back to Europe in Lisbon now and building up more different language speakers here so we can support our customer of all the language they want to speak.
So, yeah. And I appreciate you representing the Lisbon office with the Lisbon t-shirt.
I love that one. Going back in time a little bit, what was your first job?
Was it also on a boat dock? Actually, my first job has nothing to do with tech.
I was actually a barista in a coffee shop. So, I was working in one of the chains back in Canada.
So, nothing techy at all, but it was fun. And it was before we have all these fancy coffees.
So, yeah. Was that kind of the start of your career working with customers and helping customers out?
Are there still lessons you learned there at the coffee shop that you bring into support today?
Exactly.
I think this is the first time when you actually – I think under pressure would be a good way to say it too.
Because I work in a coffee shop that is in the office building.
So, every day before the office hour, there's a huge rush of everyone.
And because everyone works in the same building, so you see them all the time.
It's almost like our customer today. They write in all the time, so you start to know them.
And it's great to have the connection with people. Yeah. And you're able, I know, to have that connection with people from a number of different languages.
You mentioned supporting the Chinese-speaking team. Do you mind if I ask what languages do you speak?
Because I know it's several and it's really impressive.
If I can speak fluently, it's mainly Mandarin, Cantonese, and English. But to advance the support ticket, I sometimes will take on the French and Japanese tickets as well.
That's amazing. But definitely not fluent in those two languages.
But I try. With how global Cloudflare's customer base is, that's so important.
So, I'm really glad we have experts like you on that. What was the first time you had to log into a system?
So, you mentioned your career didn't start in IT.
It was there in the coffee shop. But when did that transition into the technology space?
Actually, my tech life started pretty recently. So, if I go back a little bit to my early career, the first time I need to log into the system, I actually don't get to change anything.
But more as a login to read the documents and stuff like that.
It was when I was working for an airline. So, I was working as a flight attendant.
And a lot of the internal documents are there, like all the training programs required to log in as well.
And our roster are there. So, it feels like there's a sense of belonging that, okay, now I can log into our backend.
So, I'm cool. I love that. A lot of guests on this show have talked about their first login system as kind of someone has put this trust and this responsibility on me.
But the way you describe it, that's fantastic. You now feel like you're part of the team because you're able to connect to something that only the team is able to reach.
Exactly. So, even if it's only a read-only kind of access, it feels like, okay, I'm behind the login.
I love that. So, that was kind of a read-only view.
When was the first time you had access to something that kind of intimidated you, that was a little scary?
That, oh, no, now I can potentially make a mistake and this is a little intimidating?
To be fair, I think it has to be Cloudflare.
Because I go back to all my previous jobs. I was more internal facing.
Even though I take care of customer, but it's more internal customer. Or if I need to update any documents, everything is just within the organization.
And Cloudflare is the place that when I started doing public-facing announcement or updates.
If I click the save button, it's going to go on to our website.
So, like, okay, I'm going to write everything carefully. And to that point about treating it carefully, what are the steps you kind of go through?
Or how do you feel more comfortable using systems like that?
Like, what would you recommend to people who are earlier in their career and thinking, oh, no, if I press this button, it's live everywhere.
I want to be a little more cautious. When I was new, trust me, I do ask people like 5 ,000 times.
And I cross-check with everybody with like a sanity check.
Like, okay, can you look at the message and make sure I get it right?
And I even get someone to just sit next to me. Okay, I'm going to click these three buttons.
It's right, right? Yeah. So, like, over time, I know, okay, now this is exactly what I do.
But in the beginning, it's like I would sit someone next to me and be like, okay, watch me do it and stop me if I do it wrong.
That works. Having someone that you can lean on and who can kind of help provide a safety bumper is so important.
I know that makes me a lot less nervous. Definitely, definitely.
So when did you start your journey at Clownflare? I started, I think, around two and a half years ago.
Yeah, that's when I joined the London office.
And what brought you to the Clownflare team? It's actually funny. So because of my background, so my previous job before Clownflare, I actually worked for a media monitoring company.
And with that, we do a lot of automation to pick up content from websites, especially media, news, platform, and things like that.
And one of the things that I encounter most as my job every day is I will see the firewall from Clownflare.
The block page. The company is blocking me all the time. We have to be creative into overcoming all these, whatever rules that we don't even know, like the site owner is applying on us.
So we just have to play with everything to overcome the blocks.
So eventually I'm like, okay, I need to know what is this Clownflare thing?
Like, who is this? And then I start finding out about this company.
I love that. Both of you kind of discovered Clownflare organically just by solving problems in previous roles.
James with certs and seeing the, it's probably the camel case to name back then on the certificates.
And Justina with the block page.
So Justina, when you joined Clownflare, joining the support team, y'all are professionals.
I can't really fathom how you keep all the different products and all the details ready and available for customers.
So kind of similar question to what I asked James.
How do you go about learning about what Clownflare products are doing so that you can help customers, especially newer ones?
To be fair, we always say you probably can't find one single person that knows the in-depth knowledge of all our products.
But as a customer support team, we have to support every product.
It could be from setting up a DNS record to, I don't know, spectrum or setting up your access rules.
So we have a training program for all our engineers to understand what is behind all the logic of all the products that we have.
But every case is a niche case. So when you do a ticket, it's also your learning process.
So to be honest, like every day, there is something new that I've never seen before coming into this.
So that is fun. But then when we have questions, then we could go to product engineers like yourself, talk to the product team and be like, OK, I'm not too sure if we can support it or I'm not too sure if we have this logic yet.
Can we check with you? Can we add it for future requests for the future?
So we work very closely with our engineering team as well to learn more from them every day.
Yeah. And given how different all the tickets are, what are kind of your general rules of thumb about interacting with customers?
Because I guess if someone's opening a support ticket, they're probably confused or maybe a little frustrated.
How do you what do you think is the most important things that you bring into every interaction with a customer to make them feel a little more comfortable, a little better using the product?
I think like usually when the customer write in, you already have a feeling about like how technical they are.
Like sometimes when they write in and they might have not, they might not have a clue of like anything that they are doing with Cloudflare.
They might be new to blogging, for example, building their first website. So it depends on the technical knowledge that you think the customer has.
Maybe we have to explain something like more step by step or more simple.
But if something that is more technical, then it's better to just get straight to the point and just answer exactly the problem that they have.
So it really depends on how you feel from the ticket of how the customer is.
And yeah, and it depends on the scale of the problem they have.
Like if the website is down, for example, it's definitely on our top priority.
And we'll like we'll pull all the data we can to help the customer to bring the site back up.
And it's very important. Absolutely. One thing. So you were joining Cloudflare probably just as we were rolling out Access, the VPN replacement product.
Do you remember what that was like dogfooding that internally as we started to kill off the VPN?
To be fair, I was fairly new when the whole process started.
Like I think I started when we still have a VPN and then like out of nowhere, like, OK, we're going to start migrating.
And we do have a lot of different access and we have entitlement to allow us to check the product or check different things and configuration.
So it's very scary, like, to be fair, because if I come in tomorrow and we are moved behind our product, but I can't access anymore.
And I can't operate the whole day. So we do allow our team like a bit more time to buffer.
So we will migrate in two weeks. So now please test everything and make sure you can log in.
It could work. You could continue to do support ticket.
And so I think it's very good because we do have that transitional process that allow us to play around and test things first before we move.
That's really good feedback about dogfooding anything, but also moving to a new system like this is don't don't surprise people.
Don't don't do it overnight. Yes. Yes. Yeah, it's too disruptive.
Kind of when you're looking back at the journey that brought you here to Cloudflare and, you know, interacting with with our customers.
What advice would you give yourself back in the coffee shop about that journey?
What career wisdom would you share?
I guess I I think because all my job is related to more of a support role.
So it's always, always important to show empathy and listen and understand what is going on on the other side.
First, before you jump in and start giving advice or like you start giving out like, OK, do this one, two, three, four, five.
But like maybe maybe it's another question. Maybe it's something else.
So listen first and make sure you understand what is going on before you start giving a good advice.
So, yeah, that's wonderful. Wonderful.
Well, we're about out of time, but I just want to say thank you to both of you.
There are some things I took away today that I really enjoyed getting to learn more about.
James talking about learning by breaking things and really exercising kind of the capabilities and what it can and can't do and avoiding delivering something that actually introduces more problems.
So that of learning more about that and just, you know, when you mentioned, you know, having permission to reach a system is also kind of a you're part of the team.
It's a means of belonging.
I the first person who's brought something that like that up on this program.
And I really appreciate it. So thank you both for your time and your stories.
I've thoroughly enjoyed it. Thank you. I hope someone is doing this interview with you as well.
I'll turn that over to Sylvia or someone like that. I'm sure they'll have some good questions.
My answers won't be nearly as great as yours. But thank you all so much for your time and have a great rest of your Thursday.
Thanks, Sam.
Thank you.