Interview | Sam Boswell

Sam Boswell

Engineering Manager, CTO, IoT, security, geek.

Hi Sam. How are you?

Really well thanks Andy, good to chat to you today!

What are you working on at the mo?

Currently my 9-5 (ish) role is with Device Authority, where we build a platform called KeyScaler – a cyber security platform for IoT (internet of things) I look after the engineering team here as we build out the leading platform for IoT identity, security and management. We work across a ton of different markets, but currently focusing on medical (surgical robots, drug delivery systems), industrial (smart factories, CNC, robots), and automotive (connected vehicles, connected autonomous vehicles)

That sounds interesting. How does it help users?

The biggest issues for IoT security are that traditional models of identity and access control don’t scale with the volume of devices needed. This has led to a bunch of approaches such as default credentials baked into devices that can’t be changed, and this leads to issues such as the Mirai botnets, and leaking of sensitive data. KeyScaler automates the process of building trust to devices, delivering certificates for PKI and setting up ongoing device monitoring, updates and more! By automating this work, we reduce costs for our customers, and remove the ever vulnerable human in the loop!

What aspect of Device Authority are you most proud of?

The team! We’ve got an awesome collection of people with a wide range of specialities – in cryptography, security, embedded software and high level server side development. The team here and across the globe work so well together.

What do you see as the next phase for Device Authority?

A lot of our focus at the moment is building out further integrations to support our customers integrating in lots of different verticals. We allow customers to deploy on-prem, Saas, or in a number of cloud environments such as Azure – and it’s important that we get the benefits from all of these different routes.

What did you do before Device Authority?

Before Device Authority, I’ve worked in the startup world, and bespoke software, helping to grow and lead engineering teams on a number of projects, as well as maintaining my own presence under the Deciphered brand where I can do some consulting and code work to keep my hand in!

This work stuff is great but who are you outside of work?

Outside work I enjoy a fairly wide set of outdoor hobbies, climbing especially. A technology interest keeps me tinkering on the bleeding edge in cybersecurity and AI/ML, a bit of pc gaming thrown in and as an avid reader, my kindle travels everywhere with me.

Thanks for your time Sam. I’ll be following with interest!

Check out Sam’s personal website to see the cool chat feature! I really like it.

More information

Device Authority  


6prog is a facilitator of freelance contracts and commentator on recruitment in general. For more information reach out

6prog interviews | Brett Delle Grazie

An experienced DevOps consultant with over 20 years in the IT industry. A background in software engineering,dealing with everything from embedded systems through to fully distributed systems. 

Hi Brett, what have you been up to recently?

Hi Andy, I’ve recently finished a three year engagement as DevOps Practice Lead with a large Government organisation, having been responsible for significant portions of their CI/CD pipeline processes adopted by all the various teams.

Can you take me through that journey?

As part of a business change programme, my team and I, were responsible for radically transforming their existing CI processes for multiple bespoke applications into a true CI/CD pipeline giving the organisation far greater agility than they had previously. They went from quarterly releases to two weekly incremental releases with greatly improved idea-to-production cycle times.

In addition to being responsible for the CI/CD processes we were also part of the live support team for the applications delivered upon our platform. Here the use of an everything-as-code, immutable infrastructure and cloud native approach drove improvements as well. We ensured that applications could deploy their own monitoring, alerting and custom dashboards with the application deployment. We also ensured that the tools we used were equally accessible to development teams from the outset, the result was development teams delivering dashboards that had operational as well as business value up-front as part of the application deliverable.

In order to achieve all this we had to engage early and constantly collaborate with our colleagues in Architecture, Security, Operations and Management. Without that collaboration and support none of the above
would have been possible.

How much of the organisation does this type of project affect?

Quite a lot! We delivered software developed for internal, public and business to business use and during my tenure shifted from hosted infrastructure to public cloud as well. All while addressing GDPR regulation
and the usual associated security concerns when moving to public cloud.

What was a key take-away in this project?

I know it’s a cliche but early, frequent collaboration is key. The early collaboration led to a guiding/mentoring behaviour between the teams instead of a traditional policing approach. Experienced individuals felt free to raise concerns or challenge a design or strategy, but were accepting if their challenge was not ultimately accepted.

Over such a long period, scope change is inevitable and strategic decisions once thought immutable may need revisiting as understanding improves and the unknown unknowns become more known. Collaborative behaviours allowed this to happen naturally at appropriate times without people trying to maintain their illusory fiefdoms of control.

How do you deal with challenges?

In short, have a plan and a roadmap, engage early and deliver incremental business value.


I’m an engineer and I love challenges. I love learning, so researching, decomposing a problem into a workable plan or developing solutions is something I thoroughly enjoy. I’m also not afraid to seek help when needed so I’m always learning.

On the people side of things I strive to listen to all parties, be polite, honest, upfront and operate in the best interests of the client. In my 20+ years in the IT industry, 10 of which have been consulting, I’ve always found this to be the best operating policy.

In my first job as a software engineer straight out of University I had the fortune to be mentored by a senior engineer of extraordinary talent, patience and skill. For that reason alone I try to act as a mentor to Developers or DevOps people that need help. Watching them grow into competent engineers with my help is my way of thanking my friend for his assistance when I was young and green.

What is your biggest achievement?

A few years back I was brought on as DevOps Team Lead for a bank that had a huge engineering team. On my first day observing, I had one team member rage-quit a meeting in what I learned later to be frustration with
the team’s lack of progress and poor behaviour. That team member turned out to be one of my greatest allies in instigating change.

AWARD > the DevOps Industry Awards 2018 "Manager of the Year"

I went about breaking the silos and getting people to communicate. As we helped individual teams with their specific issues, they helped us fix bits we couldn’t do on our own. The results were an astronomical improvement in team interactions and rapid improvement in cycle time for development tasks. That was in addition to some very serious technical improvements to their infrastructure and pipeline processes on their internal and hybrid cloud operations.

On the day of my leaving, many months after, the CEO pulled me aside and said:

“I cannot thank you enough for the work you have done here.

You have made a significant impact that we are all
the better for, thank you”

6prog is a facilitator of freelance contracts and commentator on recruitment in general. For more information reach out