-
14 votes
-
Data security help - SOC2ish
Hi Tilderinos, I head up a small startup and we're looking to get some support for our data security. Up until now we've worked with small mom and pops that didn't have any requirements, but a few...
Hi Tilderinos,
I head up a small startup and we're looking to get some support for our data security. Up until now we've worked with small mom and pops that didn't have any requirements, but a few of our new clients have full data security teams and our infrastructure and policies/protocols aren't up to snuff. We reached out to a few consulting firms and they quotes us between $80-100k to get things set up and run us through a full SOC2 review. As a small company we don't really have that type of budget, more like $40-50k. I stumbled upon Vanta and Drata as alternatives and had meetings with their sales folks last week. Both of their offerings from setting up our protocols to monitoring and getting us through a SOC2 were only $16k.
Are platform based companies like Vanta or Drata enough to get us off the ground while we're still getting set up? Has anyone worked with them before and have any feelings one way or the other? Should we be signing on with a security consulting company - be it at a lower rate if we can negotiate it?
This is all quite new to me and any insight folks here can provide would be incredible useful.12 votes -
Inside Iron Mountain: It’s time to talk about hard drives
23 votes -
Oracle's $115 million privacy settlement: What consumers should know
22 votes -
Is Google training AI on YouTube videos?
17 votes -
US judge rules $400 million algorithmic system illegally denied thousands of people’s Medicaid benefits
27 votes -
Top companies ground Microsoft Copilot over data governance concerns
23 votes -
Google must destroy $5 billion worth of user data illegally collected in Incognito Mode
55 votes -
Condé Nast joins other publishers in allowing OpenAI to access its content
8 votes -
Microsoft will train AI on user data
44 votes -
Inside the "three billion people" National Public Data breach
71 votes -
Websites are blocking the wrong AI scrapers (Because AI companies keep making new ones)
18 votes -
Google halts its four-plus-year plan to turn off tracking cookies by default in Chrome
36 votes -
Google dropping plan to remove ad-tracking cookies on Chrome
22 votes -
Tech giants should be made subject to a global tax for their use of people's personal data, according to Norway's Finance Minister Trygve Slagsvold Vedum
30 votes -
It may soon be legal to jailbreak AI to expose how it works
29 votes -
Disney hack results in leak of over 1 TB of Slack data
34 votes -
AT&T says criminals stole phone records of ‘nearly all’ customers in new data breach
26 votes -
Meet Mercy and Anita – the African workers driving the AI revolution, for just over a dollar an hour
18 votes -
Microsoft CEO of AI claims online content is 'freeware' [and can be used to train LLMs in the absence of a specific directives from the author against this]
43 votes -
US House GOP leaders vow to block online privacy bill over intraparty pushback
19 votes -
Meta hit with Norwegian complaint over its plans to use images and posts of users on Facebook and Instagram to train artificial intelligence models
27 votes -
Google Cloud accidentally deletes UniSuper’s online account due to ‘unprecedented misconfiguration’
41 votes -
Obsolete, but not gone: The people who won't give up floppy disks
23 votes -
ProtonMail discloses user data leading to arrest in Spain
41 votes -
The startup offering free toilets and coffee for delivery workers — in exchange for their data
26 votes -
Chrome/Firefox Plugin to locally scrape data from multiple URLs
As the title suggests, I am looking for a free chrome or firefox plugin that can locally scrape data from multiple URLs. To be a bit more precise, what I mean by it: A free chrome or firefox...
As the title suggests, I am looking for a free chrome or firefox plugin that can locally scrape data from multiple URLs. To be a bit more precise, what I mean by it:
- A free chrome or firefox plugin
- Local scraping: it runs in the browser itself. No cloud computing or "credits" required to run
- Scrape data: Collects predefined data from certain data fields within a website such as https://www.dastelefonbuch.de/Suche/Test
- Infinite scroll: to load data that only loads once the browser scrolls down (kind of like in the page I linked above)
I am not looking into programming my own scraper using python or anything similar. I have found plugins that "kind of" do what I am describing above, and about two weeks ago I found one that pretty much perfectly does what is described ("DataGrab"), but it starts asking to buy credits after running it a few times.
My own list:
- DataGrab: Excellent, apart from asking to buy credits after a while
- SimpleScraper: Excellent, but asks to buy credits pretty much immediately
- Easy Scraper: Works well for single pages, but no possibility to feed in multiple URLs to crawl
- Instant Data Scraper: Works well for single pages and infinite scroll pages, but no possibility to feed in multiple URLs to crawl
- "Data Scraper - Easy Web Scraping" / dataminer.io: Doesn't work well
- Scrapy.org: Too much programming, but looks quite neat and well documented
Any suggestions are highly welcome!
Edit: A locally run executable or cmd-line based program would be fine too, as long as it just needs to be configured (e.g., creating a list of URLs stored in a .txt or .csv file) instead of coded (e.g., coding an infinite scroll function from scratch).
8 votes -
FYI: This site claims to have harvested 4B+ Discord chats, today all yours for a price
41 votes -
ProtonMail on all the data that Outlook collects about your email
61 votes -
Sweden's public sector has ditched Big Tech in the name of privacy as a major telecom provider unveiled a new secure collaboration hub
14 votes -
CEO of data privacy company Onerep.com (used by the Mozilla Monitor service), founded dozens of people-search firms
44 votes -
Time to delete your Glassdoor account and data
102 votes -
Tell US Congress: Stop the TikTok ban
32 votes -
What is the most reliable and affordable form of storage medium to use as a backup drive for your computer?
I just had my backup hard drive die and while it did last a few good years, I just want to know what everyone else is using and what gets the best bang for buck.
30 votes -
Generative AI - We aren’t ready
27 votes -
Sen. Ron Wyden exposes data brokers selling US location data to anti-abortion groups that target abortion seekers
45 votes -
The beautiful maths which makes 5G faster than 4G, faster than 3G, faster than…
12 votes -
Tumblr to begin selling user content to AI generative service companies, opt-out will be per blog
75 votes -
Texas is right. The tech giants need to be regulated.
10 votes -
Vending machine error reveals secret face image database of Canadian college students
72 votes -
Google cut a deal with Reddit for AI training data
23 votes -
Reddit has a new AI training deal to sell user content
67 votes -
Robots.txt governed the behavior of web crawlers for over thirty years; AI vendors are ignoring it or proliferating too fast to block
41 votes -
Introducing Mozilla Monitor Plus, a new tool to automatically remove your personal information from data broker sites
35 votes -
How US anti-abortion ruling spurred federal action against the location data industry
24 votes -
Criminals are getting increasingly adept at crafting malicious AI prompts to get data out of ChatGPT
22 votes -
Twenty-six billion records exposed in massive leak, including data from Linkedin, X, Dropbox
44 votes -
‘Impossible’ to create AI tools like ChatGPT without copyrighted material, OpenAI says
44 votes -
Question about GDPR
I am in the EU. I asked a company in which I had an account to delete my account. They told me they would do that as long as I sent them an ID and a postal address. This is to ensure that "I am...
I am in the EU.
I asked a company in which I had an account to delete my account. They told me they would do that as long as I sent them an ID and a postal address. This is to ensure that "I am the right person".
I never gave them an ID and a postal address in the first place so how would that verify anything, and I'm using the email that I used to sign-up with them to ask for the deletion.
Am I in the wrong to believe that this should be easier? Are they misinterpreting the GDPR or am I?
What are my options if I do not want to send my ID and postal address?
--
Their arguments are:
Article 5(1)(f) of the GDPR requires us to meet security obligations in data processing. Since data deletion is permanent, we need to ensure that the request is indeed from the person concerned.
Furthermore, Article 12(6) of the GDPR states: "…when the data controller has reasonable doubts concerning the identity of the natural person making the request referred to in Articles 15 to 21, he may request the provision of additional information necessary to confirm the identity of the data subject."
10 votes -
Impact: US FTC stops data broker X-Mode selling sensitive location data
16 votes