Category: 3-SometimeTechTalk

Links from the show:

• Meilisearch
• Laravel Scout - Laravel - The PHP Framework For Web Artisans
• PhpStorm 2022.1 EAP #6 | The PhpStorm Blog
• https://spatie.be/mailcoach/webview/campaign/1e7a1c17-6b33-4ee1-82ea-738bb3af2f93
• Too much magic? — Matthias Noback - Blog
• https://m.dotdev.co/design-pattern-service-layer-with-laravel-5-740ff0a7b65f
• https://luis-barros-nobrega.medium.com/laravel-service-layer-with-dtos-and-validators-2c6303899a57
• Creator of the GIF, Stephen Wilhite, dies
• GitHub - milroyfraser/pest-plugin-gwt

This episode of PHPUgly was sponsored by:

• Honeybadger.io - https://www.honeybadger.io/

PHPUgly streams the recording of this podcast live. Typically every Thursday night around 9 PM PT. Come and join us, and subscribe to our Youtube Channel, Twitch, or Periscope. Also, be sure to check out our Patreon Page.

Twitter Account https://twitter.com/phpugly

Host:

• Eric Van Johnson
• John Congdon
• Tom Rideout

Streams:

• Youtube Channel
• Twitch
• Periscope

Powered by Restream

Patreon Page

PHPUgly Anthem by Harry Mack / Harry Mack Youtube Channel

Thanks to all of our Patreon Sponsors:

Honeybadger ** This weeks Sponsor **

ButteryCrumpet
Shawn
David Q
Ken F
Tony L
Frank W
Jeff K
Shelby C
S Ferguson
Boštjan O
Matt L
Dmitri G
Knut E B
Marcus
MikePageDev
Rodrigo C
Billy
Darryl H
Mike W
Holly S
Peter A
Ben R
Luciano N
Elgimbo
Wayne
Kevin Y
Alex B
Clayton S
Kenrick B
R. C. S.
ahinkle
Enno R
Sevi
Maciej P
Jeroen F
Ronny M N
Charlton
F'n Steve
Robert
Thorsten
Emily
Joe F
Andrew W
ulrick
John C
James H
Eric M
Laravel Magazine
Ed G
Jackson W

Vercel is a developer-first, frontend-focused platform. Together with Google and Meta, Vercel built Next.js, an open-source React framework that helps developers build high-performance web experiences with ease.

PlanetScale is a MySQL-compatible serverless database platform that enables infinite SQL horizontal scale.

Tools like Webflow and Squarespace have made web development accessible for casual programmers, but what does this mean for professional developers?

This week’s Lifeboat badge goes to user Michael Thelin for their answer to How can I play a Spotify audio track with Python?.

Find Guillermo on LinkedIn here.

Find Sam on LinkedIn here.

Vercel is a developer-first, frontend-focused platform. Together with Google and Meta, Vercel built Next.js, an open-source React framework that helps developers build high-performance web experiences with ease.

PlanetScale is a MySQL-compatible serverless database platform that enables infinite SQL horizontal scale.

Tools like Webflow and Squarespace have made web development accessible for casual programmers, but what does this mean for professional developers?

This week’s Lifeboat badge goes to user Michael Thelin for their answer to How can I play a Spotify audio track with Python?.

Find Guillermo on LinkedIn here.

Find Sam on LinkedIn here.

See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Dr. Gordon Jones just turned 60 years old, but you wouldn't know it from his energetic, vibrant tone. He has his doctorate in Health Administration, but he got into Health Technology in 1997. He lives in South Carolina, with his wife and five adopted children. Dr. Jones and his wife adopted their first child 1 year after they were married, as they felt led by God before they were married to pursue this path. Their main family activity is watching movies together, but they love to throw the frisbee, travel, and ultimately being together doing new things.

While teaching at the university, Dr. Jones came across a student's idea to provide security around her identify. In addition to that, he had recently gone through a lengthy background check process, which required the re-verification of several bits of information. He decided to solve both of the problems, by creating a solution using the blockchain.

This is the creation story of Thrivacy.

Sponsors

• Immediate
• Orbit
• Postmark
• Stytch
• Verb Data
• Webapp.io

Links

• Website: https://www.thrivacy.io/
• LinkedIn: https://www.linkedin.com/in/drgordonjones/

Our Sponsors:
* Check out Vanta: https://vanta.com/CODESTORY


Support this podcast at — https://redcircle.com/code-story/donations

Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy

Once a company reaches a certain size, their customers might start asking for proof that it has good security and data habits. They want to know if there’s a business continuity plan in place in case disaster strikes. For many companies, formalizing this proof means submitting to an auditing process known as SOC 2. If you’re a developer at one of these companies, particularly if you provide or use SaaS applications, you’ll end up having to implement the controls these audits require. 

On this sponsored episode of the podcast, Ben and Ryan talk with James Ciesielski, CTO and co-founder, and Megan Dean, information security and risk compliance manager, both of Rewind. We talk about how you can prep for and successfully get through a SOC 2 audit, how backing up your SaaS data can provide business continuity, and the benefits of establishing a relationship with your auditor. 

A SOC 2 report shows your customers the level of security controls that you have in place. It’s based on the auditing standards set by the American Institute of Certified Public Accountants. You tell them what controls you have in place and they verify it. Once a company starts attracting enterprise-level customers, a SOC 2 becomes a must-have. 

Companies perform SOC 2 audits using a variety of tools: sometimes it’s purpose-built SaaS tools; sometimes it’s a cascade of spreadsheets. Ultimately, what’s important is providing an audit trail for your controls, a record that proves that your security does what you claim it does. Trust, but verify. 

The process can grow complicated, as companies can have 100 to as many as 300 SaaS applications running in their business. That’s a lot of important business data on someone else’s cloud. Many of these SaaS applications operate data on the shared responsibility model: they ensure the service is available and secure, and you ensure that your data is accurate and secure. 

A key part of these security controls is disaster recovery and business continuity. Imagine that you’re using a SaaS application to track your audit process. What happens if a disgruntled employee wrecks your data, or your cat walks over your keyboard, hitting just the right combination of keys to delete something important? Or what if you unwittingly get flagged on a T&C violation and get deplatformed? Your audit trail could be lost if you haven’t upheld your end of the shared responsibility model and backed up your data. 

Ultimately, having experts who know the process can help. Your auditor, too, can be a resource, so get to know them. They want you to succeed. They want to help you improve your audit process because it makes their lives easier.

Teddy Schleifer covers billionaires as a reporter and founding partner at Puck. He joins Big Technology Podcast to discuss the sanctions against Russian oligarchs, how (and if) oligarchs differ from billionaires, and whether putting pressure on the oligarchs can help end Russia's war in Ukraine. Stay tuned for the second half where we discuss tech's connection to the oligarchs, and whether their money plays a role in Silicon Valley.