
Player FM - Internet Radio Done Right

17 subscribers

Checked 7M ago
Added three years ago
Content provided by Skyflow. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Skyflow or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here: https://fa.player.fm/legal

Privacy and Security Considerations for RAG with Graphlit's Kirk Marple

39:32
 

In this episode, Kirk Marple, CEO and Co-founder of Graphlit, joins the show. Sean and Kirk dive into the world of unstructured data management, discussing the evolution and current challenges in the field.

While structured data has been well-handled since the 1970s, 80-90% of the world’s data remains unstructured, with predictions of 175 billion terabytes by 2025. Despite this vast amount, companies struggle to utilize it effectively due to immature tools and processes. Graphlit was founded to address this gap, providing scalable, maintainable systems with enhanced observability to handle unstructured data efficiently.

Kirk discusses the challenges in data security and privacy when building RAG-based applications. He discusses some of their exploration into PII scrubbing and also controlled access to the vector embeddings based on the roles of a user.

Finally, looking forward, Kirk shares insights into the future of Graphlit and their continued focus on enhancing the accessibility and utility of unstructured data for businesses across various industries.


76 episodes

All episodes

 
In this episode, Sean sat down with Jack Godau to dive deep into the world of pseudoanonymization. They started by discussing Jack's career trajectory working with highly sensitive data and how that experience shapes his engineering mindset. Jack shared how pseudoanonymization differs from anonymization, explaining its value for maintaining data utility while complying with stringent regulations like GDPR. Jack also walked us through the challenges and key components of building a pseudoanonymization engine, including the complexities of handling re-identification risks, ensuring scalability, and optimizing performance for large datasets. He shared insights on the trade-offs between data protection and usability, and whether building these systems in-house is worth the investment for startups. Finally, they explored where the field is heading, especially as data privacy concerns continue to grow.…
 
In this episode, Sean sits down with Ben Burkert, Co-founder and CTO of Anchor, to dive into the world of certificate management and internal TLS. We explore how certificates and TLS function, the inherent difficulties in managing internal TLS certificates, and why nearly every engineer has a horror story related to it. Ben also shares insights into how Anchor is addressing these challenges and making internal TLS certificate management simpler and more reliable. Key Topics: Understanding Certificates and TLS: Basics of how certificates and TLS work. The role of TLS in securing internal communications. The Challenges of Internal TLS Certificate Management: Why managing internal TLS certificates is so difficult. Common pitfalls and challenges engineers face. Engineer Horror Stories: Real-world examples of certificate management gone wrong. The impact of these failures on teams and organizations. How Anchor is Fixing the Problem: Anchor’s approach to simplifying internal TLS certificate management. Key features and benefits of Anchor’s solution. If you've ever struggled with internal TLS certificates or are looking for a way to avoid the pain altogether, Ben’s expertise provides a clear path to overcoming the challenges of certificate management with a modern, reliable approach. Resources: https://anchor.dev/ https://lcl.host/…
 
In this episode, we sit down with Ori Rafael, CEO and Co-founder of Upsolver, to explore the rise of the lakehouse architecture and its significance in modern data management. Ori breaks down the origins of the lakehouse and how it leverages S3 to provide scalable and cost-effective storage. We discuss the critical role of open table formats like Apache Iceberg in unifying data lakes and warehouses, and how ETL processes differ between these environments. Ori also shares his vision for the future, highlighting how Upsolver is positioned to empower organizations as they navigate the rapidly evolving data landscape.…
 
In this episode, Sean Falconer is joined by Aubrey King, solutions architect and community evangelist at F5, to discuss the top 10 security issues for LLM applications. They explore critical threats such as prompt injections, insecure output handling, and training data poisoning, among others. Aubrey provides insights into why these issues arise, the attacks being observed, and the methods used to mitigate these risks. This episode is essential listening for anyone interested in the security of large language models and their applications.…
 
In this episode, host Sean Falconer sits down with Eric Flaningam, a researcher at Felicis Ventures, to explore the fascinating world of data warehouses. They dive into the history, evolution, and future trends of data warehousing, shedding light on its importance. Key topics discussed include an overview of the article "A Primer on Data Warehouses," and the definition and key characteristics of data warehouses. They also cover the historical evolution and major milestones in data warehousing, the shift from batch processing to real-time data, and the convergence of data warehouses and SQL. Eric and Sean discuss the impact of unstructured and complex data, advancements in technology and their effect on data warehouses, and the technical architecture and components of a typical data warehouse. They share real-world benefits and use cases of data warehouses, common challenges in implementing and maintaining data warehouses, and future trends and the influence of AI and machine learning on data warehouses. For further reading, check out Eric Flaningam’s article, A Primer on Data Warehouses: https://www.generativevalue.com/p/a-primer-on-data-warehouses…
 
Join us as we chat with Tim Jensen, a privacy enthusiast, about personal online security. Tim shares his journey to becoming a privacy advocate and teacher and provides insights into the common mistakes people make with passwords. We discuss why passwords have persisted for over 60 years, the issues with current password creation methods, and the balance between complexity and usability. We also explore strategies to protect personal information beyond just using better passwords. Finally, Tim shares his thoughts on future approaches to password and identity protection.…
 
In this episode Sean welcomes Brian Vallelunga, CEO and founder of Doppler, to discuss secrets management. Brian shares the journey of founding Doppler, a company dedicated to securing sensitive data such as API keys and credentials. Sean and Brian discuss the nuances of secrets management, its distinction from password management, and the importance of dedicated services for safeguarding secrets. The episode also addresses the alarming rise in data breaches, common mistakes companies make, and essential practices for managing secrets effectively. Brian offers expert advice on protecting secrets, the necessity for secret rotation, and the future of secrets management.…
 
In this episode, Sean is joined by Eric Dodds, Head of Product Marketing at RudderStack, to dive into the world of data management, data pipelines, and common data mistakes. Eric shares his insights on when organizations should transition from basic tools like spreadsheets to a more sophisticated data stack, including data warehouses and modern tooling. They discuss the challenges businesses face in data management, specifically about coming up with a common set of definitions that an organization is aligned around. They also discuss how to address these issues, and the importance of secure handling of customer data. Eric also provides an overview of RudderStack, its open-source approach, and the value it brings to managing customer data. Eric shares a ton of practical advice on building and optimizing your data infrastructure.…
 
In this episode, Kirk Marple, CEO and Co-founder of Graphlit, joins the show. Sean and Kirk dive into the world of unstructured data management, discussing the evolution and current challenges in the field. While structured data has been well-handled since the 1970s, 80-90% of the world’s data remains unstructured, with predictions of 175 billion terabytes by 2025. Despite this vast amount, companies struggle to utilize it effectively due to immature tools and processes. Graphlit was founded to address this gap, providing scalable, maintainable systems with enhanced observability to handle unstructured data efficiently. Kirk discusses the challenges in data security and privacy when building RAG-based applications. He discusses some of their exploration into PII scrubbing and also controlled access to the vector embeddings based on the roles of a user. Finally, looking forward, Kirk shares insights into the future of Graphlit and their continued focus on enhancing the accessibility and utility of unstructured data for businesses across various industries.…
 
In this episode, Jake Moshenko, CEO and co-founder of AuthZed, joins the show to explore the world of user permissions at scale. Inspired by Google's Zanzibar, AuthZed aims to tackle the challenges of authorization - a less common focus compared to authentication in the tech industry. Jake discusses the initial simplicity and subsequent complications in role-based permission models, where businesses often struggle as they scale and need more nuanced access controls. He explains the Zanzibar paper from Google and the technical challenges with implementing the approach successfully. He explains how AuthZed facilitates a flexible and maintainable permission system and how companies get started.…
 
In this episode host Sean Falconer is joined by Aaron Painter, CEO of Nametag, to explore the evolving threat and potential of AI deepfakes. They discuss the increasing sophistication of deepfake technology, highlighted by the significant rise in incidents such as the Retool hack, and how these technologies can manipulate public perception and security. Aaron discusses the development of technologies to both create and detect deepfakes, discussing the arms race that pits innovation against security. Aaron shares insights into how his company, Nametag, is at the forefront of combating deepfake fraud by protecting identity data and providing solutions for both companies and individuals to safeguard themselves. They conclude with thoughts on the future, discussing the ongoing technological advancements that are expected to play a crucial role in the fight against deepfakes, aiming to balance innovation with security in the digital landscape.…
 
In this episode we’re joined by Shubh Sinha, CEO and Co-founder of Integral, to discuss the protection and utilization of sensitive health data. Shubh shares insights from his varied career in sales, engineering, and product management, and dives into the challenges of maintaining privacy and security in healthcare. The conversation covers HIPAA regulations, the balance of securing data while keeping it accessible, and the role of generative AI in healthcare innovations. Tune in for a detailed look at how technology is shaping the future of patient treatment and data privacy.…
 
In this episode, we dive into the world of MLOps, the engine behind secure and reliable AI/ML deployments. MLOps focuses on the lifecycle of machine learning models, ensuring they are developed and deployed efficiently and responsibly. With the explosion of ML applications, the demand for specialized tools has skyrocketed, highlighting the need for improved observability, auditing, and reproducibility. This shift necessitates an evolution in ML toolchains to address gaps in security, governance, and reliability. Jozu is a platform founded to tackle these very challenges by enhancing the collaboration between AI/ML and application development teams. Jozu aims to provide a comprehensive suite of tools focusing on efficiency throughout the model development and deployment process. This conversation discusses the importance of MLOps, the limitations of current tools, and how Jozu is paving the way for the future of secure and reliable ML deployments. Resources: Jozu KitOps…
 
In this episode, we dive deep into the world of prompt injection attacks in Large Language Models (LLMs) with Devansh, AI Solutions Lead at SVAM. We discuss the attacks, existing vulnerabilities, real-world examples, and the strategies attackers use. Our conversation sheds light on the thought process behind these attacks, their potential consequences, and methods to mitigate them. Here's what we covered: Understanding Prompt Injection Attacks: A primer on what these attacks are and why they pose a significant threat to the integrity of LLMs. Vulnerability of LLMs: Insights into the inherent characteristics of LLMs that make them susceptible to prompt injection attacks. Real-World Examples: Discussing actual cases of prompt injection attacks, including a notable incident involving DeepMind researchers and ChatGPT, highlighting the extraction of training data through a clever trick. Attack Strategies: An exploration of common tactics used in prompt injection attacks, such as leaking system prompts, subverting the app's initial purpose, and leaking sensitive data. Behind the Attacks: Delving into the minds of attackers, we discuss whether these attacks stem from a trial-and-error approach or a more systematic thought process, alongside the objectives driving these attacks. Consequences of Successful Attacks: A discussion on the far-reaching implications of successful prompt injection attacks on the security and reliability of LLMs. Aligned Models and Memorization: Clarification of what aligned models are, their purpose, why memorization in LLMs is measured, and its implications. Challenges of Implementing Defense Mechanisms: A realistic look at the obstacles in fortifying LLMs against attacks without compromising their functionality or accessibility. Security in Layers: Drawing parallels between traditional security measures in non-LLM applications and the potential for layered security in LLMs.
Advice for Developers: Practical tips for developers working on LLM-based applications to protect against prompt injection attacks. Links: Devansh on LinkedIn AI Made Simple…
 
In this episode, Joice John, Senior Product Manager at Skyflow, joins the show to discuss the complexities of managing privacy and security with unstructured data. Joice explains what unstructured data is and its distinction from structured data, and then dives into the technologies that tackle these challenges. Joice discusses the unique privacy concerns and significant security risks unstructured data poses, highlighting why they're especially tough to mitigate. Sean and Joice also discuss the support modern data lakes offer for secure unstructured data management, alongside Skyflow’s solutions for overcoming analytics challenges and protecting sensitive customer information.…
 
In this episode, we dive into the realm of cloud security with Merritt Baer, Field CISO of Lacework. Together, we look at the complex tapestry of perceptions surrounding on-premises security versus the cloud, shedding light on why some still view on-prem as the safer option. Merritt lends her expertise to dissect the trade-offs that companies face by remaining in the traditional on-premises sphere rather than embracing the potential of the cloud. We explore the security considerations unique to the cloud-native world, offering insights into what it takes to navigate this transformation securely. Whether you're a seasoned professional or just beginning your cloud journey, this episode will expand your understanding of cloud security, uncovering the pros, cons, and crucial factors to ponder when venturing into the realm of cloud computing. Topics: Why do people think on-prem is more secure? What are the tradeoffs a company is making when they refuse to move to the cloud? What are the new challenges facing a company once they’ve moved to the cloud from a security perspective that perhaps they didn’t face in the on-prem world? Does the cloud reduce or increase your security risk footprint? Does the type of talent and team look different? How are cloud-native security tools and platforms different from traditional on-premises security solutions? How do you manage security at this kind of scale? As organizations adopt multi-cloud and hybrid cloud strategies, how do you recommend they maintain consistent security measures across different cloud environments? What are some emerging security threats in the cloud landscape, and how can organizations proactively defend against them? What is keeping CISOs up at night?…
 
In this episode, we explore the world of General Data Protection Regulation (GDPR) with Catawiki’s Data Protection Lead Paul Breitbarth. We cover GDPR's history, business essentials, compliance significance, and the art of harmonizing business objectives with regulatory demands. Paul breaks down key GDPR components, emphasizing their role in safeguarding data privacy. From data handling to breach notification, listeners gain insights into essential compliance steps. The heart of the conversation revolves around the challenge of balancing business goals with GDPR rules. Practical strategies are discussed, including privacy-conscious approaches and effective data protection policies. This episode is a guide for businesses and individuals navigating GDPR's complexities, offering actionable insights for responsible data management and privacy protection. Topics: What was the immediate impact on businesses when GDPR came into effect? How did the world respond? What are the main requirements of a business when it comes to GDPR? What are the key rights granted to individuals under GDPR, and how can they exercise these rights? What are the technical requirements? What are some common challenges businesses face when implementing GDPR compliance? How has GDPR influenced the handling of data breaches and security incidents? What are the fines for non-compliance? What does it mean to be compliant? Can you really be 100% compliant? Is that realistic? How can a business navigate GDPR compliance, balance all the needs, and still do business? What are the responsibilities and obligations of data processors and data controllers under GDPR? Are there any recent updates or amendments to GDPR that businesses should be aware of? What’s the future of GDPR?…
 
In this episode, Ray Everett, Head of Privacy and Data Protection at Avellino Lab, joins the show to discuss the rise of the privacy officer. The conversation delves into the essential role of privacy officers, providing listeners with a comprehensive understanding of their responsibilities and the challenges they encounter. Ray offers practical advice on effectively finding and hiring privacy officers, as well as initiating and managing successful privacy programs. This episode is a must-listen for anyone seeking to navigate the ever-evolving landscape of privacy protection. Topics: How has the privacy landscape changed throughout your career? What are some of the big changes from when you started to today? Can you describe the role and responsibilities of a Chief Privacy Officer? How has this evolved over time? What does this function end up looking like within a large organization? Who’s on the team? When should a company be building a privacy function? How do they know they need it? When a company decides to establish a privacy officer role, what factors should they consider in determining the scope and authority of the position? How does one go about finding a qualified privacy officer? What skills, qualifications, and experience should be sought after? What sets a great privacy officer apart from an average one? Let’s say I’m a founder and I realize I should hire a privacy officer and build a privacy function, but I have no experience with it, I just know I need to do it. Where do I start? How do I know what to look for in a potential candidate? During the hiring process, what specific interview questions should I be asking? What kind of positive or negative signals should I be testing for? Even when privacy organizations exist, they are often under-resourced and under-appreciated. What are your suggestions or thoughts on how a privacy officer can work with an organization to prevent this from happening? 
What’s the typical career path for someone looking to move into privacy? What do you recommend for those listening that might want to build a career in privacy? What are your thoughts on the future of the privacy officer? Will they own more budget, have more authority? Resources: Ray Everett LinkedIn International Association of Privacy Professionals…
 
In the podcast episode Jodi Daniels, Founder & CEO of Red Clover Advisors, and Justin Daniels, Legal and Corporate Counsel at Baker Donelson, share valuable insights on privacy and security considerations in product development. They discuss the common mistakes made and the crucial questions to ask when designing new products, emphasizing the need for proactive data protection. Jodi and Justin delve into core principles and best practices for integrating privacy-by-design, highlight the risks of neglecting privacy and security during product development, and explore ways to balance innovation and functionality with privacy and data protection requirements. They also address the importance of ingraining privacy and security throughout the product life cycle and provide guidance on evaluating the privacy and security implications of emerging technologies like AI. Topics: From your point of view, what do you think is the biggest mistake or oversight people make when building new products when it comes to privacy and security? What kind of questions should I be asking myself when designing a new product when it comes to data protection? What are the core principles and best practices for operationalizing privacy-by-design when developing new products? What are the potential risks and challenges associated with neglecting privacy and security considerations during the product development phase? How can organizations effectively balance the need for innovation and functionality with the requirements of privacy and data protection? What steps can companies take to ensure that privacy and security are ingrained throughout the product life cycle, from design to deployment? Are there any specific regulations or standards that companies should be aware of when it comes to privacy and security in new product development? What are some of the privacy and security challenges facing companies interested in generative AI? 
When it comes to any kind of new technology, like AI, how can individuals and businesses evaluate the privacy and security implications before integrating them into their operations? What are some common misconceptions or myths surrounding privacy and security in AI, and how can they be addressed? Resources: Data Reimagined: Building Trust One Byte at a Time…
 
In this episode, Rachael Ormiston, Head of Privacy at Osano, joins the show to discuss the impact of generative AI on privacy. We covered a wide range of topics, including Rachael's initial impression of ChatGPT and the risks associated with generative AI. We also explored Italy's recent ban on ChatGPT, the measures that can be taken to mitigate risks and protect privacy, and how businesses and organizations can leverage generative AI responsibly without infringing on people's privacy rights. Furthermore, we delved into the role of policymakers in regulating the use of generative AI to ensure privacy protection, as well as the ethical considerations that should be taken into account. Rachael provided valuable insights on how individuals can protect their privacy in the age of generative AI and the steps they can take to safeguard their personal information. Finally, we discussed the future of generative AI, highlighting the need to harness its potential while ensuring that privacy remains a top priority. Join us in this enlightening conversation as we navigate the intersection of Generative AI and privacy, gaining valuable insights from Rachael Ormiston's expertise. Topics: What was your first impression of ChatGPT? How can generative AI impact privacy, and what are some of the risks associated with it? Recently Italy became the first western country to ban ChatGPT, why did they do this? What might this mean for other countries? What measures can be taken to mitigate the risks of generative AI, and how can we ensure that privacy is protected? How can businesses and organizations leverage generative AI while ensuring that they don't infringe on people's privacy rights? How can policymakers regulate the use of generative AI to ensure that it doesn't infringe on people's privacy rights? What ethical considerations should be taken into account when using generative AI, and how can we ensure that it is used responsibly? 
How can individuals protect their privacy in the age of generative AI, and what steps can they take to safeguard their personal information? What is the future of generative AI, and how can we harness its potential while ensuring that it doesn't pose a threat to our privacy?…
 
In this podcast episode, Jimmy Fong, Chief Commercial Officer at Seon, discusses online fraud and the role of Seon's fraud prevention tool. Jimmy covers common fraud patterns, evolving tactics, and the challenges of distinguishing legitimate user behavior from fraudulent activities. He shares Seon's journey, emerging fraud patterns, and best practices for security. Jimmy emphasizes collaboration and information sharing, highlighting the potential of generative AI in fraud prevention. Topics: How does online fraud work and why is it such a concern for online businesses and consumers? What are some common fraud patterns that individuals or businesses should be aware of when conducting transactions online? How have fraud patterns changed over time? How do fraudsters typically exploit vulnerabilities in online systems to carry out their fraudulent activities? Why fraudulently submit demo requests to a business? What is a fraudster attempting to do? What are the challenges and complexities involved in distinguishing between legitimate user behavior and fraudulent activities? How did Seon start? Are there any notable trends or emerging fraud patterns that you've observed recently? How should businesses adapt to stay ahead of evolving fraud tactics? What are some best practices that individuals and businesses can implement to enhance their overall security posture and minimize the risk of falling victim to online fraud? How important is collaboration and information sharing between businesses, industry associations, and law enforcement agencies in combating online fraud? Are there any notable initiatives in this regard? In your opinion, what does the future of fraud prevention look like? What role might generative AI play on both sides? Resources: Seon SEON Cat & Mouse Podcast…
 
Manny Silva, Skyflow’s Head of Documentation, joins the podcast to share his journey of tinkering with generative AI systems and building a private GPT trained on internal Skyflow documents. Manny discusses his first impression of ChatGPT, how he got interested in this space as a technical writer, and the non-obvious insights he gained along the way. He addresses common misconceptions about GPT, particularly regarding privacy and security. Manny explains the concept of creating a private GPT and explores the reasons why organizations would want to implement it. He provides valuable insights into effectively integrating a private GPT into existing workflows and systems, along with the challenges and considerations companies should be aware of. Manny shares best practices for training and fine-tuning a private GPT to ensure optimal performance and accuracy. He delves into the impact of his work at Skyflow and the enhanced productivity observed in the field. Finally, Manny looks ahead to future advancements and trends in the field of private GPTs and discusses their transformative potential in the realms of documentation, product launches, and marketing. Topics: When you first saw ChatGPT, what was your first impression? As a technical writer, how did you get so interested in this space and start tinkering with the Open AI platform and APIs? What are some of the non-obvious things you learned as you dove into this? What are some of the common misconceptions you’re seeing when it comes to GPT, in particular when talking about privacy and security? What’s it mean to create a private GPT and why would someone want to do that? How can organizations effectively implement and integrate a private GPT into their existing workflows and systems? What are some common challenges or considerations that companies should be aware of when building and utilizing a private GPT? 
What are some best practices and strategies for training and fine-tuning a private GPT to ensure optimal performance and accuracy? Can you describe what you built at Skyflow that leverages private GPT? What kind of impact are you seeing in terms of yours or other people’s productivity? Looking ahead, what advancements or trends can we expect to see in the field of private GPTs, and how will they continue to transform the way we work with documentation, product launches, and marketing? Resources: Privacy-First AI: Harnessing Snowflake and Skyflow to Customize GPT Generative AI Data Privacy with Skyflow GPT Privacy Vault…
 
In this episode, Ashley Jose, a product lead at Skyflow with a decade of experience in SaaS product management, explores the importance of data governance in today's data-driven world. He discusses the impact of growing data on business decisions and highlights the key components of an effective data governance framework. Ashley addresses misconceptions, explains the evolution of data governance, and its intersection with data privacy regulations. He also explores how data governance works within Skyflow's data privacy vault approach. Ashley addresses common misconceptions about data governance and dispels myths surrounding the topic. He then delves into the evolution of data governance in the face of big data and technological advancements, highlighting both new challenges and opportunities. He explains how organizations must navigate privacy regulations like GDPR and incorporate them into their data governance strategies. Drawing on Skyflow's expertise in data privacy vaults, Ashley explains how data governance functions within their approach. He demonstrates how this approach addresses challenges related to controlling access to sensitive data. Ashley provides practical advice for engineers and technical professionals looking to enhance their involvement in data governance initiatives. Topics: How has the growth of data that businesses store, process, and analyze impacted how they make business decisions? Can you explain what data governance is and why it is important in the context of today's data-driven world? What are the key components of a comprehensive data governance framework? What are the main challenges organizations face when implementing effective data governance practices? How does data governance impact engineers and technical teams directly? What role do they play in ensuring successful data governance? What are some common misconceptions or myths about data governance that you often come across? How would you address them? 
With the rise of big data and advancements in technology, how has data governance evolved over the years? Are there any new challenges or opportunities that have emerged? How does data governance intersect with data privacy and compliance regulations, such as GDPR or CCPA? In the context of Skyflow and the data privacy vault approach to the management of sensitive data, how does data governance work? How does a data privacy vault help address some of the challenges with controlling access to sensitive data? Are there any emerging trends or technologies in the data governance space that you find particularly interesting or promising? Do you have any practical advice or recommendations for engineers and technical professionals who want to enhance their understanding and involvement in data governance initiatives within their organizations? Resources: Introducing the Skyflow Data Governance Engine Data Access Control with lakeFS’s Adi Polak The Partially Redacted 2022 Year in Review with Skyflow’s Ashley Jose…
 
In this episode, Anshu Sharma, CEO and co-founder of Skyflow, highlights the alarming disparity between the millions of dollars companies invest in cybersecurity and the persistent occurrence of breaches and cyber attacks. Despite these hefty investments, current approaches to cybersecurity are simply not enough to protect customer data. It's like putting a band-aid on a broken arm - it might temporarily cover the problem, but it won't heal the underlying issue. According to Anshu, what we truly need is a security-by-default approach. We require systems that not only secure customer Personally Identifiable Information (PII) but also understand and handle the various types of workflows involving PII. This means implementing measures that go beyond mere protection and actively support the necessary tasks and operations involving sensitive data. Skyflow has developed technology that addresses these challenges. Skyflow not only ensures the security of PII but also supports the specific workflows associated with it. By doing so, Skyflow's technology effectively insulates applications from the burdensome responsibility of managing customer data, allowing organizations to focus on their core business objectives. Topics: Are we getting better at protecting customer data or worse? Why has the software industry failed at cybersecurity? How do you think the trend towards increased regulation and oversight of the cybersecurity industry will impact the development and adoption of new security technologies? What is security-by-default? What are some of the tactics companies can use to build products that are secure-by-default? How does this approach potentially change the culture of the company? What’s an example of a company building products with security built-in? What inspired you to start Skyflow, and how does your solution address the current challenges with cybersecurity in the software industry?
What is the key difference between what Skyflow offers and what’s historically been done by businesses for data protection? How do you see the software industry evolving in terms of cybersecurity in the next few years, and what role do you think companies like Skyflow will play in this transformation? What’s next for Skyflow? Resources: The software industry has failed at cybersecurity. What, now? Privacy by Architecture with Anshu Sharma…
 
In this episode Roshmik Saha, Head of Engineering at Skyflow, dives into the fascinating realm of data privacy and security solutions. Whether you're considering building your own privacy solution or seeking insights into the infrastructure requirements for handling credit card data securely, this episode has you covered. One important aspect that often goes underestimated is the maintenance costs associated with data privacy solutions. Roshmik emphasizes the significance of factoring in long-term maintenance expenses, as these solutions require ongoing updates, monitoring, and enhancements to adapt to evolving threats and regulations. It's crucial to recognize that compliance is merely a baseline and that solely building for compliance may not offer state-of-the-art security. Roshmik shares his expertise on how to go beyond compliance and implement robust security measures to protect sensitive data effectively. During the conversation, Roshmik highlights key considerations and features when building a data privacy solution to securely store and govern access to data. From encryption techniques and access control mechanisms to comprehensive auditing capabilities, he offers insights into the foundational elements required for a robust privacy solution. Additionally, he emphasizes the importance of incorporating state-of-the-art security technologies and features to reduce the risk of data breaches and potential reputational damage. Scalability is another critical aspect to address when developing a data privacy solution. Roshmik sheds light on the challenges faced by engineering teams in ensuring that the solution can meet the needs of a growing organization. He discusses strategies for building a scalable architecture that can handle increasing data volumes, user demands, and operational complexities. Throughout the episode, Roshmik provides practical advice and shares his thoughts on various topics, including the future of data privacy and security technologies. 
By drawing from his vast experience and expertise, you'll gain valuable insights into building a data privacy solution that not only meets regulatory requirements but also ensures resilience against cyber attacks. Topics: If I told you I was starting a B2C company and I was going to build my own privacy and security solution, what would your advice be? Considering just credit card data, what would I need from an infrastructure standpoint to securely store, handle, and process credit card data? Beyond infrastructure costs, what other types of costs would I need to think through? What are the types of features or technologies I’d need to build to meet existing privacy requirements but also reduce the risk that I end up in the news for a data breach? What are the key considerations or features when building a data privacy solution to securely store data and govern access? What’s the engineering cost to build and maintain these? What kind of expertise does an engineering team require to build something that you think not only meets regulatory requirements, but also is resilient to cyber attacks? What are the most important security measures that need to be put in place to protect data privacy? How do you test and evaluate the effectiveness of the data privacy solution? How do you ensure that the data privacy solution remains up-to-date with evolving data privacy regulations and best practices? What are the biggest challenges that engineering teams face when building a data privacy solution? How do you ensure that the data privacy solution is scalable to meet the needs of a growing organization? Why do you think companies try to do this themselves? How do you ensure that Skyflow is resilient to cyber attacks and other security threats? What advice would you give to other engineering teams building a data privacy solution for their organization? Are there any future data privacy or security technologies you’re excited about?…
 
In this episode, Constantine Karbaliotis from nNovation, a certified privacy professional with a wealth of experience in the field of privacy and data protection joins the show. Constantine has served as a privacy officer for two multinational corporations, and now serves multiple organizations as a privacy advisor. Constantine is well-versed in a range of privacy program management areas, including policy development, implementing PIA/PbD programs, vendor privacy management, breach management and response, addressing notice, consent, and data subject rights issues, as well as contract issues such as data transfer agreements and security/privacy addenda. During our conversation, we explore the evolution of Canadian data privacy regulations, from their early beginnings to the current landscape, which is shaped by a range of federal and provincial laws. We discuss the primary Canadian privacy regulations that individuals and organizations should be aware of, and the differences between federal and provincial privacy laws, and how they impact individuals and organizations. We also delve into how the Canadian government enforces privacy regulations, and the penalties that individuals and organizations can face for non-compliance. Additionally, we examine how recent high-profile data breaches have affected Canadian privacy regulations and the changes made in response. We explore the challenges posed by emerging technologies, such as artificial intelligence and the Internet of Things, and their impact on Canadian privacy regulations. We also look at how individuals and organizations can stay up-to-date with the latest developments in Canadian privacy regulation and the resources available to help them comply. Topics: How has Canadian privacy regulation evolved over the years, and what impact has this had on individuals and organizations? What are the primary Canadian privacy regulations that individuals and organizations should be aware of? 
What are the differences between federal and provincial privacy laws in Canada, and how do they impact individuals and organizations? How does the Canadian government enforce privacy regulations, and what penalties can individuals and organizations face for non-compliance? How have recent high-profile data breaches affected Canadian privacy regulations, and what changes have been made in response? How does Canadian privacy regulation compare to other countries, such as the EU's General Data Protection Regulation (GDPR)? How can individuals and organizations stay up-to-date with the latest developments in Canadian privacy regulation, and what resources are available to help them comply? How do emerging technologies, such as artificial intelligence and the Internet of Things, affect Canadian privacy regulations, and what challenges do they pose? What do you see as the future of Canadian privacy regulation, and how do you think it will continue to evolve in the years to come? Resources: nNovation…
 
In today's digital age, data privacy and security have become critical concerns for companies of all sizes. One way for companies to demonstrate their commitment to protecting customer data is by achieving SOC-2 compliance. But what exactly is SOC-2, and how can companies achieve it? To answer these questions, Daniel Wong, Head of Security and Compliance at Skyflow, joins the show to share his insights into SOC-2 compliance and the steps companies can take to achieve it. Throughout the interview, Daniel explains what SOC-2 compliance is, why it's important, and how it differs from other compliance standards. He also walks us through the key steps businesses can take to achieve SOC-2 compliance, including risk assessment, gap analysis, and remediation. Daniel also highlights the benefits of using Skyflow's platform to achieve SOC-2 compliance, such as its ability to help companies protect sensitive data while still enabling secure data sharing. He also discusses the challenges that businesses may face when pursuing SOC-2 compliance and how to overcome them. Whether you're a business owner or a data privacy professional, this interview with Daniel Wong provides valuable insights into SOC-2 compliance and how to achieve it. Topics: Can you explain what SOC-2 compliance is, and why it's important for businesses to achieve it? What’s the difference between SOC-2 Type 1 and Type 2? How do these compare to ISO 27001? How does SOC-2 compliance differ from other compliance standards, such as PCI DSS or HIPAA? What are some common challenges that businesses face when pursuing SOC-2 compliance, and how can they overcome them? Can you walk us through the key steps that businesses need to take to achieve SOC-2 compliance? Skyflow Data Privacy Vault is SOC-2 compliant. How long did that take and what was involved? What does that mean for our customers that want to achieve SOC-2 compliance?
What advice would you give to businesses that are just starting their SOC-2 compliance journey? With something like a car, I can’t just manufacture a car in my house and start selling it. There’s certain inspections from a safety perspective that I have to pass. Do you think software needs more requirements like this before you can just launch something and start having people use it? Where do you see standards like SOC-2 going in the future? Resources: Common Data Security and Privacy Mistakes with Daniel Wong Skyflow is Certified SOC 2 Compliant…
 
Data access control is becoming increasingly important as more and more sensitive data is being stored and processed by businesses and organizations. In this episode, the VP of Developer Experience at lakeFS, Adi Polak, joins to help define data access control and give examples of sensitive data that requires access control. Adi also talks about the concept of role-based access control (RBAC), which differs from traditional access control methods and provides several advantages. The steps involved in implementing RBAC are discussed, as well as best practices and challenges. Real-world examples of RBAC implementation and success stories are provided, and lessons learned from RBAC implementation are shared. We also discuss lakeFS, an open-source platform that provides a Git-like interface for managing data lakes. In particular, we get into the data management controls, the security and privacy features, and the future of the product. Topics: What are some common types of data access controls? Why are these types of controls important? How can RBAC help organizations better manage and secure their data? What are some challenges in implementing effective data access controls? How can organizations balance data security with the need to provide employees with the information they need to do their jobs? What are some best practices for managing data access control? How do you ensure that data access controls remain effective over time as your organization grows and changes? What is lakeFS? What model of data access management does lakeFS support? What are some of the other privacy and security features of lakeFS? What’s next for lakeFS? Anything you can share? Where do you see data access control going in the next 5-10 years? Resources: lakeFS Roadmap Scaling Machine Learning with Spark: Distributed ML with MLlib, TensorFlow, and PyTorch…
 
Europe has seen a significant evolution in privacy regulation over the past decade, with the introduction of the EU's General Data Protection Regulation (GDPR) in 2018 being a significant milestone. The GDPR establishes a comprehensive framework for protecting personal data and gives individuals greater control over how their data is collected, processed, and used. The impact of these privacy regulations on businesses has been significant. Companies that operate in the EU or process EU citizens' data must comply with the GDPR's requirements or face significant fines and other penalties. This has required many businesses to implement new processes and technologies to ensure compliance, such as appointing data protection officers, conducting privacy impact assessments, and implementing data subject access request processes. One particularly tricky situation to navigate for businesses is transatlantic data transfers. Transatlantic data transfers face numerous challenges, including differing legal frameworks and data protection standards between the European Union (EU) and the United States (US). These differences can create legal uncertainty and potential risks for companies that transfer personal data across the Atlantic. In particular, the invalidation of the EU-US Privacy Shield framework by the European Court of Justice in 2020 has left companies without a clear mechanism for transatlantic data transfers, highlighting the need for a new agreement that meets the requirements of both the EU and the US. Additionally, concerns about government surveillance and data breaches have further complicated the transatlantic data transfer landscape, underscoring the need for strong data protection measures and clear regulatory frameworks. 
Privacy and data protection writer and expert Robert Bateman, who has published over 1500 articles related to privacy, joins the show to break down the evolution of privacy regulations in Europe, the impact that’s had on businesses, and explain the challenges surrounding transatlantic data transfers. Topics: How have privacy regulations evolved and what impact have they had for businesses? Can you discuss some of the history of Meta challenges in Europe? How enforceable are the fines? Do companies actually end up paying the fines? What are the key concerns around transatlantic data transfers? How do the cultural differences between the US and EU impact their approach to privacy and what impact has this had? How do organizations ensure compliance with privacy laws when transferring data between the US and EU? EU and US data transfers. How do we make progress? Could someone build Meta from scratch today such that it is in compliance or is a business like this something that just can't exist under European privacy laws? What are your thoughts on the impact that generative AI might have on privacy? Resources: Data Protection Newsletter…
 
Zero trust infrastructure is an approach to security that requires all users, devices, and services to be authenticated and authorized before being granted access to resources. Unlike traditional security models that assume everything inside the network is trusted, zero trust assumes that all traffic is untrusted. In today's world, where cyber threats are becoming increasingly sophisticated, zero trust infrastructure is crucial for protecting sensitive data and preventing unauthorized access. HashiCorp is a company that provides a suite of tools for building and managing secure systems. Their products, such as Vault, Consul, and Boundary, can help organizations implement a zero trust approach to security. Vault is a tool for securely storing and managing secrets such as passwords, API keys, and certificates. It provides a centralized place to manage access to secrets and has several features to ensure the security of these secrets, such as encryption, access control, and auditing. Consul is a service discovery and configuration tool that provides a secure way to connect and manage services across different networks. It provides features such as service discovery, health checking, and load balancing, and can be integrated with Vault for secure authentication and authorization. Boundary is a tool for securing access to infrastructure and applications. It provides a secure way to access resources across different networks and can be integrated with Vault and Consul for secure authentication and authorization. Rosemary Wang, Developer Advocate at HashiCorp, joins the show to explain zero trust infrastructure and how Vault, Consul, and Boundary help organizations build zero trust into their architecture. Topics: Why do you think we need developer tooling for access and authorization at a lower level within someone’s infrastructure? Can you explain what zero trust is and why it's important for modern security architectures?
How do HashiCorp Vault, Boundary, and Consul fit into a zero trust security model? What is HashiCorp Vault and what problem does it help a company solve? What are some common use cases for HashiCorp Vault, and how can it help organizations with their security and compliance requirements? How does HashiCorp Vault handle secrets rotation and expiration? What is application-based networking and how does this concept relate to HashiCorp Consul? Can you walk us through the process of setting up and configuring HashiCorp Consul for a typical enterprise environment? What are some common challenges or pitfalls that organizations face when using HashiCorp Consul, and how can they overcome them? How does Boundary simplify remote access to critical resources in a zero trust environment? What are some common use cases for HashiCorp Boundary, and how can it help organizations with their security and compliance requirements? How does HashiCorp approach balancing security with ease of use for its products? Can you talk about any upcoming features or developments in Vault, Boundary, or Consul that users should be excited about? Resources: @joatmon08…
 