Casey is right, but the whole point for the Rivian position is they see themselves as the car software platform of the future. The idea we want primarily phone UIs in our cars is antithetical to their very existence, or why VW invested in them.
The idea customers should have control over the interfaces they use needs to be reinforced. If anything this is why the AI wave has gained so much hype as now people get to bypass so much nonsense masquerading as UX.
Because it converts all normal DBA tasks into development tasks. If this fits your org (and at huge scale it is more likely) then that's fine, but for small/mid/growth places that can be a PITA.
There does seem to be more effort going into an SQL layer, but it's very hard to know what the state of layer dev and direction is these days, especially if you're not located near core devs.
Having your own auth workflow was instant fail with the well architected framework committee. Using Okta was instant pass.
I don't necessarily disagree with that policy but given that Okta was breached several times while I was working there, it was interesting the extent to which our CSO had blinders about it.
Liability is the answer! If you build an auth system and it fails, it's your backside. If Okta fails, it's theirs. Enterprises buy products as much as they buy protection from problems.
e.g. when Crowdstrike takes down Windows across the worlds or AWS east coast falls over everybody hurts. At that point the story is easy, you point at the broken thing, mumble something about improving resilience, and everyone just moves on.
Roll your own system and have it taken down / breached specifically? There's noone to point at. It's hard to make the narrative anything except it being your fault.
You have (the perception of having) someone to forward the claim to once you're hit by one where the damages are quantified in money like a life insurance or disability payout caused by the data loss?
As someone that is not really in the game, does Okta have such a bad track record, and are there alternatives that are considered solid? From the outside, it seemed like EntraID is a bit of a burning dumpster fire, while Okta seemed expensive, but usable and decent (from comments I read)
The current default for lazy enterprise customers seems to be an unholy tangle of Active Directory, Entra, and Okta. If you use all three it's 3x more secure, right?
This has been de facto true for a while, not that it improves the situation. Various EU countries have legal limits for the size of cash transactions, requiring you to do it via a bank.
The idea that people have private property does seem to be something governments are incredibly keen to erode.
This is the crux of why neoliberal policies don't work.
Public-private partnerships are a breeding ground for corruption. The government either needs to own what it owns or completely give up and leave it to a well regulated private market.
That's not to say one off contacts need to be eliminated. But when it comes to things like building and maintain roads, these private contacts end up being huge sinkholes for public funds.
Public-private partnerships work very well in Asia. But the government has more oversight over the private entity and a heavier hand with policing results.
A big problem in the Anglosphere in particular is that the government is too focused on politics and catering to internal stakeholders and not enough on measurable results.
I've heard horror stories about some parts of Asia. There are huge cities built because some bureaucrat wanted to build it, not because anyone wanted to live there. And the buildings are largely empty. Those are the most visible examples.
That being said, there are some good examples too. And even a few good examples might be better than the partnerships in Canada.
One dimension of this which isn't discussed enough is this opens the road to inference providers silently discriminating against different users who will remain oblivious to what's going on. i.e. if you "fail" ID verification it's actually good that they tell you as opposed to serving you a malicious model instead.
The idea customers should have control over the interfaces they use needs to be reinforced. If anything this is why the AI wave has gained so much hype as now people get to bypass so much nonsense masquerading as UX.
reply