Learn more about Consider Learn more

How to make your team fall in love — or at least fall in like

Until a few weeks ago, many of us on our 11-person team at Consider had never met in person. We’re a bi-coastal team, so our first-ever team offsite was a special opportunity for us to really get to know each other and connect on a deeper level.

I was asked to lead our ‘getting to know each other’ session, and thanks to friends from IDEO and Stanford GSB (I emailed my entire class to solicit ideas— something more than ‘two truths and a lie’ but not quite ‘Touchy Feely’), we landed on four activities that helped us get to know, certainly like, and (dare I say) maybe even love each other more.

While we started with innocuous self-disclosure that had about the same depth as ‘two truths and a lie,’ an hour into the session, we were sharing from realms some of us may only trod with our therapists. It didn’t go quite as far as Touchy Feely, but emotions surfaced, and that was a good thing.

The result? After two hours of facilitated activities, multiple awkward silences, several empathetic acknowledgments, a few gasps of surprise, some tears shed, and dozens of shared laughs, our team felt emotionally drained, but spiritually lifted and more connected— understanding and accepting each other on a deeper, more personal level.

Warm-up circle

5 minutes

We gathered in a private room, making sure everyone had their morning coffee, eggs, or whatever they needed to start their day. As the facilitator, I introduced the purpose of the next two hours: quite simply, getting to know each other on a more personal level.

The first warm-up activity eased everyone into the session with a physical activity. We formed one large circle. I had a series of statements and everyone was instructed to step into the circle if the statement I read was true for them. As this was just a warm-up, we tried to go rapid fire.

Step into the circle if…

  1. You were born in a country outside the US.
  2. You can speak at least two languages.
  3. You can speak more than two languages.
  4. You’re the eldest child in your family.
  5. You’re a middle child in your family.
  6. You’re the youngest child in your family.
  7. You’re an only child.
  8. You played a sport in high school.
  9. You’ve ever played an instrument.
  10. You identify as an extrovert.
  11. You identify as an introvert.
  12. You’ve ever been judged unfairly.
  13. You’ve ever judged someone else unfairly.
  14. You typically eat breakfast in the morning.
  15. You learned something new about someone else here just now.

Closeness creation questions

1 hour, 40 minutes

After returning to our seats around a large table, I introduced our main activity: answering a series of questions to help us understand and feel closer to each other. This was where things got real. We dialed up the depth of personal disclosure and encouraged everyone to be as honest and vulnerable as possible, to the extent they felt comfortable.

For those of you familiar with Fast Friends or The New York Times’ The 36 Questions that Lead to Love, some of these questions might look familiar. As the facilitator, I introduced each question to the group, and everyone took turns (popcorn-style) answering the question until everyone had answered.

Note: for questions that lend themselves to more self-disclosure, it’s helpful if the first few people who share their answers are especially open and vulnerable, to set the right tone for the rest of the group.

  1. Given the choice of anyone in the world, who would you want as a dinner guest?
  2. Would you like to be famous? In what way?
  3. What would constitute a perfect day for you?
  4. Take two minutes and tell your life story in as much detail as possible.
  5. If you could change anything about the way you were raised, what would it be?
  6. If your current job were no longer an option, what dream job would you pursue?
  7. If you were going to become a close friend with everyone in this room, what would be important for everyone to know about you?
  8. For what in your life do you feel most grateful?

Quick break

3 minutes

At this point several cups of coffee, pitchers of water, and some tears later we all needed a short break.

Positive affirmations

10 minutes

There’s nothing quite like the cozy blanket of warm fuzzies we get when we give and receive compliments— especially following the emotional bender of sharing things you previously never thought you’d share with your team. Upon returning to the room after our break, I introduced our final activity: everyone would have 20 seconds to share positive affirmations with each person in the room. These could be things we liked about the other person, things we respected or admired about them, or things we appreciated them sharing during the previous activity.

I was surprised by how powerful this exercise was. After bearing pieces of our true selves, we were all individually accepted and appreciated.

While there are multiple ways to pair each person in the room with every other person in the room, here’s how we did it:

  1. We started by forming two lines (Line A and Line B), facing each other.
  2. Line A would start by sharing positive affirmations with the person directly across from them in Line B. After 20 seconds, I’d call out, “Switch!” and then everyone in Line B would return positive affirmations to the same person across from them in Line A for 20 seconds.
  3. Then I’d call out, “Rotate!” and everyone in Line A would step one person to their right, with the person on the far right walking around to the opposite end of the line.
  4. We repeated this same process until everyone in Line A had exchanged affirmations with everyone in Line B.
  5. At this point, Line A formed two lines (Line A1 and Line A2) facing each other. Line B also formed two lines (Line B1 and Line B2) facing each other. We repeated the same affirmation exchange process above.
  6. Then all lines formed even shorter lines facing each other (e.g., Line A1 became Line A1a and Line A1b facing each other, Line A2 became Line A2a and Line A2b facing each other, etc.). We continued this process until everyone in the room had exchanged positive affirmations with everyone else in the room.

Closing meditation

2 minutes

At this point in the session, the room was abuzz with the positive energy of everyone feeling closer, more connected, and accepted. It felt like a unique opportunity to give everyone the headspace to reflect on, process, and capture this special moment. Having been in the Bay Area long enough to jump on the meditation bandwagon, I led the group in a closing meditation.

After hitting play on my Spotify ‘Energizing’ meditation soundtrack, I asked everyone to get comfortable in their seats and close their eyes.

  1. We started with three slow deep breaths.
  2. I then guided the team through first letting their thoughts wander through their minds— maybe the things they shared, maybe the things other people shared.
  3. Then I prompted everyone to think about what parts of themselves they wanted to bring to the team, especially after just hearing affirmations from everyone else on the team.
  4. Finally, we ended the meditation with gratitude— thinking of the affirmations they just gave, thinking about what the things they shared with the group earlier that they were most grateful for, and thinking about the other things they were grateful for that they weren’t able to share with the group earlier.
  5. And when everyone was ready, we all opened our eyes and I thanked everyone for participating.

While I’ll admit that our team didn’t ‘fall in love’ the way we typically hear that phrase used, we took great strides toward building an initial foundation of trust, closeness, and acceptance that will most certainly continue to strengthen as we continue getting to know each other.

One member of our team captured it best when she said that during our closing meditation, she took a mental snapshot of the moment for herself: this was a special time for us as individuals sharing our whole selves with our team and a special time for us as a team— together on a journey with so much potential.

Keep reading

How we run security and privacy at an early stage company

What kind of data do you collect from your customers? What is this data for, and what is it not for? Where does it end up?

When and why do your employees access that customer data? How much of that can you prove and are certain of? What would you do if you found out that customer data has leaked to an unauthorized third party? What do you define as unauthorized?

Protecting customer privacy and trust should be a top priority for all businesses, but the stakes for us– a small email company– seem even higher. When I joined Consider last year, I was excited to help grow an internal culture of excellence in privacy and security, and help create a foundation of programs and processes to help our company grow, while maintaining our customers' utmost trust.

If you haven't worked on a project like this before, it can be daunting. I'm excited to share these 5 programs that work for us, that should help you get started.

1. Ethics agreements

First impressions matter. At Consider, our goal is that new-hires immediately start working with the knowledge that customer privacy is sacred. To this end, all of our team members sign an ethics agreement on day one that sets out:

  • How protecting customer privacy always trumps any other issue or goal.
  • How we never access customer data, unless in response to an explicit request and permission from the customer. When a customer explicitly asks us to look at some of their data to resolve an issue or question, we must establish a clear permission trail, and perform the required action in groups of two. All actions here are automatically logged and published to a realtime public audit trail.
  • We have a zero-tolerance policy of any misuse of customer data.

⁠2. Internal auditing

I recommend regularly auditing your whole company and all of the software you run. We do this every three months. First and foremost, we do this to find minor problems before they become bigger, such as a user account with slightly incorrect permissions. Secondly, we do this so that we can build confidence and communicate to business leadership how well we are doing at privacy at a very high level, and that we have a total grasp on all of the infrastructure and software we use. Thirdly, we do this as a regularly-scheduled reminder to teammates how important customer privacy is.

The exact steps that make sense during a routine audit will differ, but here's a few things we've found value doing:

  • Rotating every credential/password the service uses. We do this routinely so we never feel tied to a credential, and to ensure we can change it with ease if shit hits the fan.
  • Manually reviewing the access control and team settings for every single tool we use.
  • Manually reviewing audit trails such as CloudTrail.
  • Manually reviewing certain mission-critical things, like domain expiry settings and DNS settings.
  • Crucially, we re-evaluate the audit process itself. Are there new things we should be checking? Is there a step that doesn't make sense any more? This helps prevent the process from devolving into a box-checking exercise.

⁠3. Application Security

So often, application security is sidelined as a separate task and program to the day-to-day development and deployment of your app. But to me, a great appsec culture is embedded in new product development, where you can build and ship new product features and changes quickly, while also having high confidence that what you're releasing won't introduce new security vulnerabilities. You can start to introduce application security principles into day-to-day development:

  • Mention and discuss any new security issues during code review. For example, you need to treat any and all customer-provided data as untrusted input to your system. Untrusted input needs to be carefully stored, and carefully displayed, to avoid vulnerabilities. Be obsessive about this. Learning some threat modelling acronyms like STRIDE can help motivate questions during code review.
  • Familiarise yourself with basic security bugs. For example, you can check out the OWASP Top 10. This will help you spot bugs, but also helps you talk about and reason about them with others.
  • Research best practices for your app, and adopt them where possible. For example, webapps can adopt newer browser-level security features like CSP and SameSite cookies.
  • Schedule and perform regular external security audits.
  • Gratefully accept, fix, and reward security reports. A simple place to start here is having a dedicated `security@` email address, but you can also investigate bounty programs like Bugcrowd and HackerOne.

⁠4. Internal tooling

When building and continuously deploying software in a growing company, eventually you'll start building internal tools and admin dashboards to assist with the day-to-day maintenance of your application. At this early stage, it's easy to build tools that expose a huge amount of information about your customers, without building much access control or audit logging. Zoom ahead a couple of years, and suddenly you have hundreds of employees with thousands of workflows built on these admin tools. Introducing privacy controls at this stage will be met with justified resistance and turmoil.

At Consider, we're trying to build a privacy foundation that will work for us as our company grows. Therefore all of the tooling we're building redacts customer data. Does this make investigating an individual software crash more difficult here and there? Undoubtedly, but the problem is not a major one for us. We're used to it, and we build new product features with the knowledge that we are going to have to debug it anonymously, without customer data in stacktraces to help us.

5. Culture and Leadership

Your teammates have to internalize and truly believe in the importance of customer privacy. You can help here by simply being seen to care, and recognizing and rewarding good work that advances privacy internally.

You'll know when you've made progress here when you start seeing these signs:

  • Engineers start organically prioritising bugs that could lead to a privacy or security issue.
  • Team members advocate less and less for weakened customer privacy to make something like debugging or analytics easier.
  • Team members start to blow the whistle on privacy violations and issues, no matter how minor.

⁠Summing up

Warren Buffet said: "It takes 20 years to build a reputation and five minutes to ruin it". Prioritizing security and privacy at an early stage isn't always the easiest path, especially when there are hundreds of other things vying for attention and investment. However it's also true that the reputational, legal, and financial risks associated with ignoring it are bigger than ever.

It's important to start the conversation with your team about protecting your customers. If you'd like to give some of these practices and principles a shot - we'd love to hear how they work for you!

Keep reading

How to make remote work work

We never set out to be a remote team. But after spending a year in our Boston office, our CEO Ben decided to return to his former home, San Francisco, and start a second office there. We worried about the move’s potential side effects - struggles with building a company culture and maintaining organic relationships between the two locations, to name a couple - but took the plunge.

Today our company is split between the two cities: one office in Boston, one in SF. Despite the 3,000 miles and 3-hour time difference between us, we've found ways to stay connected and actually strengthen relationships across our team by being intentional about how we use the tools at our disposal.

Here’s how we use a combination of Slack, Consider, and Zoom to work as if we were one team in the same office.

1. Slack Channels

We rely on Slack channels for those lighter moments when everyone can feel the shared pulse of our joint offices. We previously had a #boston Slack channel for good, well-intentioned reasons: we didn’t want to annoy the SF team with side conversations about the weather forecast or debates of where we’d go to lunch.

But we realized those lighter moments - where you feel like you’re right there in the same office making lunch plans or laughing about funny tweets - are a key part of building latent bonds. So we renamed #boston to #boston-sf. We may not be eating at the same food trucks or suffering through the same rainy weather, but we’re all part of the same discussion about them.

2. Consider Groups

OK, yes, this is our product. 😃 But hear me out: it’s been a game changer. Consider groups keep us on the same page and allows us to join the right conversations at the right times, even when we’re in different time zones. We used to have several Slack channels for these discussions, but when one office is eating lunch while the other office is just starting the day, Slack channels don’t cut it. Conversations in channels are freewheeling and have often moved on by the time you’re ready to jump in.

So we use Consider groups to keep tabs on product updates, daily engineering standups, and off-the-cuff ideas for future company developments.

  • Product updates: We moved our #product Slack channel to a product@ group to make the conversation more deliberate and organized. Our SF-based designers can share their latest designs of new features in our product@ group. Each feature has its own separate email thread, easily recognized by the subject of the email. Team members across both offices can leave comments and reactions on their own time, without worrying that the conversation has already moved on.
  • Engineering standups: We used to have a Boston Standup bot in Slack that became a bit of a mess. So we moved the conversation to a boston-standup@ group, where we start a new email thread each day for members of the Boston-based engineering team to post what they’re working on. Everyone across the company can access and respond to updates in the group, boosting our transparency and understanding.

  • Ideas: Our most impromptu company ideas (“What if we added a new feature for users to integrate polls into their conversations?” or “Let’s make a collaborative Spotify playlist and play it on an office speaker!”) never had a stable home - they’d get thrown out into a Slack channel and buried by the next topic in the channel’s ongoing conversation. We now email all ideas to an idea-archive@ group so we can track and discuss these ideas when the time’s right to explore them.

3. Zoom Click to Dial

Ultimately, some conversations require talking the old-school way - especially when we’re having more in-depth discussions that warrant immediate feedback. So we fit each of our conference rooms to have one-button Zoom connections to the office on the opposite coast. This was an expensive installation, but the ease has made it a worthy investment, especially compared to how much we’d spend on travel.

Breaking down a go-to-market plan for an upcoming launch? Bouncing ideas off each other as though we’re at the same table gets the job done. Demoing new features at the end of the week? Chatting face-to-face helps us iron out all the little details.

Remote work isn’t a novel idea - studies show that more than a third of today’s workers are considered mobile, and that number is predicted to grow in the years to come - but that doesn’t mean it’s easy to do well.

Maintaining a strong remote team requires effort to replace the casual run-ins, team building, and shared knowledge that happens when you're in the same place. But with the right tools used intentionally, we’ve been able to build and strengthen our relationships across the company - and across the country.

Keep reading