We switched from Wistia to their video streaming offer and literally decimated our video hosting costs. Exactly what we needed with none of the upselling B.S.
Compliance with what requires KYC? Nothing in ISO-27001 requires you to collect any information about your customers. Unless there are laws that require you to. Knowing your vendors is another story.
The standards are very sensible. If you can't be bothered to provide even simple evidence that your employees are using basic harddrive encryption, use password managers, and your product has backup in place, I don't want to do business with you.
And Delve isn't an auditor. Though they were apparently in cohoots with equally criminal third party auditors. So I guess I'm going to be looking more closely at just exactly who exactly are auditing our vendors in the future...
Well, yes, but that's the point of many contracts, they are often designed to shift risk to parties that are better equipped to handle those risks. We run our app on GCP because as a 20 person company I don't want to be responsible for physical security and a million other risks.
With ISO27001 or SOC 2, I have more information about the other party's ability to manage those risks than just taking their word for it. I'm trusting a third party auditor to vouch for them.
Fraud undermines all kinds of relationships and yes LLMs make it worse. The last job we opened I got hundreds of perfect cover letters asserting the candidates met all of the criteria. Bah.
My perhaps naive hope is that a few of these companies involved will face criminal fraud charges and we will start to develop new reflexes as a society that just bc LLMs making lying very very easy, there are still consequences.
I don't want to work wherever you do your thing. Software as a service means you provide a service, and you should take your responsibility to protect your customer's data super seriously. Compliance frameworks are one useful tool among many to support this effort. It helps us identify gaps, identify risks, make improvements. It also give us a way to communicate what we do to our partners. The behavior described in the medium post is fraud, pure and simple.
I am a founder, and my ambition includes meeting the highest possible standards for my customers.
I can remember something like this a few years ago when a customer emailed our helpdesk with their own internal IT support desk in copy. Our helpdesk at the time sent a complete new email acknowledging the request, which the customer's desk ALSO acknowledged in a new thread...
I think it took us a good hour and a few hundred tickets to get the helpdesks to stop fighting with each other!
One thing that is real is companies using LLMs to fill roles they couldn't afford to spend on before. Like the tourist who uses Google Translate on a trip to Japan: in principle they are saving 10k on the cost of a professional interpreter. On the other hand they never would have had the resources for a professional interpreter.
There are costs and benefits to requiring helmets.
Requiring a helmet has apparently been shown to depress the use of bikes for every day activities. Going grocery shopping with a bike is less convenient if you have to juggle a helmet along with a liter of milk.
Less biking means roughly more pollution, more obesity, bigger roads, more car accide ts.
On the other side of this equation is the death and injury that helmets prevent. This is non-zero, but apparently in the Netherlands we have judged this marginal benefit of helmets to be less than the advantages of more cycling.
The calculation might be different in countries with inferior cycling infrastructure.
ActivityInfo | Remote or onsite in the Hague, NL | Software engineer, QA engineer | Full Time
I'm the co-founder and technical director at ActivityInfo, a data platform used by the United Nations, governments, and NGOs in more than 60 countries worldwide.
ActivityInfo is a unique, highly demanding application to work on, involving a fully functional offline mode in the browser, integrated mobile data collection, visualization, and our own query engine. You'll work on tough problems and get direct feedback from customers in Venezuela, Yemen, Afghanistan, the Ukraine and elsewhere who depend on our software.
I'm lead developer of a quite large Java code base and I found the artivle super helpful in giving a name and shape to something I've half observed but really come to appreciate.
Over the past two years we've been slowly moving our code base in this direction general, eliminating Exceptions, for example, in favor of more detailed Result<ValueT, ErrorT> return types.
With lamdas, writing this kind of code does require more boilerplate in Java, but it's getting better.
Nonetheless, ADTs and pattern matching are sorely missed. The Visitor pattern is an alternative and is well worth it for key data structures, but is too verbose for one off usage.