Connect with us

Startups

How to build a product advisory council for your startup – TechCrunch

Published

on

The pandemic has rapidly increased the pace at which companies must evolve to serve their customers, but as the world goes digital, it has also become harder to anticipate changing needs.

In order to design, build and maintain a product that meets changing customer demands, companies need a mechanism that provides unbiased insights from people that represent them.

By design, product advisory councils (PACs) are an invaluable tool that can provide direct access to the expectations of your customers. Once established, a good PAC will provide valuable perspectives on how to solve problems for a broader, evolving market while putting a real face and name to your customer personas, helping your teams feel more connected and motivated to provide tangible value.

There are a number of ways a PAC can influence your business decisions, but most importantly, they will help you prioritize features that have the most value to your customers and help position those features using the same language your customers use. And they can inform future content development by uncovering opportunities you might not have thought to explore.

Here are seven steps to help you set up a PAC and the steps for implementing them:

Define the goals of your PAC

First and foremost, define and align your goals for the PAC. These should be unique to your business, taking into account your industry, customers and goals.

It’s important to think about what you can offer the PAC members to keep them engaged considering your budget, time constraints and your team’s bandwidth.

A good place to start is to ask yourself how you want to grow. For example, you might want to expand beyond your current target customer. To do that successfully, you’ll need to understand how your new customers think. What are their challenges? What are their motivations? What language do they use to describe their work? This will inform the features you want to have to meet the needs of your new customer, as well as how to position the product’s value.

In this case, one of the PAC’s goals should focus on defining and evolving your market opportunity. Clearly defined goals are crucial to helping you decide the kinds of people you want to be represented in the PAC. Consider demographics (age, gender, occupation, location, etc.) as well as psychographics (fears, motivations, influences, etc.).

We implemented a PAC with pretty straightforward goals:

  1. Remain close to our existing customer base to prioritize how our product and marketing should evolve.
  2. Get better at overcoming barriers to purchase by increasing our understanding of buyers and how decisions are made.
  3. Validate and broaden our understanding of our next growth market — the folks we plan on selling to in the future.

At a high level, these goals are valuable because they serve as the inputs needed to inform our product development strategy in both the near and long terms, as well as how we can best communicate the value we want to deliver.

Ensure there is a clear, real value for PAC members who participate

It’s important to think about what you can offer the PAC members to keep them engaged considering your budget, time constraints and your team’s bandwidth. The spectrum for this type of value is wide and can include anything from offering peer networking opportunities to providing exclusive content/training or negotiated discount rates for select member services.

Source link

Startups

Snowflake 101: 5 ways to build a secure data cloud 

Published

on

Today, Snowflake is the favorite for all things data. The company started as a simple data warehouse platform a decade ago but has since evolved into an all-encompassing data cloud supporting a wide range of workloads, including that of a data lake

More than 6,000 enterprises currently trust Snowflake to handle their data workloads and produce insights and applications for business growth. They jointly have more than 250 petabytes of data on the data cloud, with more than 515 million data workloads running each day.

Now, when the scale is this big, cybersecurity concerns are bound to come across. Snowflake recognizes this and offers scalable security and access control features that ensure the highest levels of security for not only accounts and users but also the data they store. However, organizations can miss out on certain basics, leaving data clouds partially secure. 

Here are some quick tips to fill these gaps and build a secure enterprise data cloud.

Event

Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.


Register Now

1. Make your connection secure

First of all, all organizations using Snowflake, regardless of size, should focus on using secured networks and SSL/TLS protocols to prevent network-level threats. According to Matt Vogt, VP for global solution architecture at Immuta, a good way to start would be connecting to Snowflake over a private IP address using cloud service providers’ private connectivity such as AWS PrivateLink or Azure Private Link. This will create private VPC endpoints that allow direct, secure connectivity between your AWS/Azure VPCs and the Snowflake VPC without traversing the public Internet. In addition to this, network access controls, such as IP filtering, can also be used for third-party integrations, further strengthening security.

2. Protect source data

While Snowflake offers multiple layers of protection – like time travel and fail-safe – for data that has already been ingested, these tools cannot help if the source data itself is missing, corrupted or compromised (like malicious encrypted for ransom) in any way. This kind of issue, as Clumio’s VP of product Chadd Kenney suggests, can only be addressed by adopting measures to protect the data when it is resident in an object storage repository such as Amazon S3 – before ingest. Further, to protect against logical deletes, it is advisable to maintain continuous, immutable, and preferably air-gapped backups that are instantly recoverable into Snowpipe.

3. Consider SCIM with multi-factor authentication

Enterprises should use SCIM (system for cross-domain identity management) to help facilitate automated provisioning and management of user identities and groups (i.e. roles used for authorizing access to objects like tables, views, and functions) in Snowflake. This makes user data more secure and simplifies the user experience by reducing the role of local system accounts. Plus, by using SCIM where possible, enterprises will also get the option to configure SCIM providers to synchronize users and roles with active directory users and groups.

On top of this, enterprises also should use multi-factor authentication to set up an additional layer of security. Depending on the interface used, such as client applications using drivers, Snowflake UI, or Snowpipe, the platform can support multiple authentication methods, including username/password, OAuth, keypair, external browser, federated authentication using SAML and Okta native authentication. If there’s support for multiple methods, the company recommends giving top preference to OAuth (either snowflake OAuth or external OAuth) followed by external browser authentication and Okta native authentication and key pair authentication.

4. Column-level access control

Organizations should use Snowflake’s dynamic data masking and external tokenization capabilities to restrict certain users’ access to sensitive information in certain columns. For instance, dynamic data masking, which can dynamically obfuscate column data based on who’s querying it, can be used to restrict the visibility of columns based on the user’s country, like a U.S. employee can only view the U.S. order data, while French employees can only view order data from France.

Both features are pretty effective, but they use masking policies to work. To make the most of it, organizations should first determine whether they want to centralize masking policy management or decentralize it to individual database-owning teams, depending on their needs. Plus, they would also have to use invoker_role() in policy conditions to enable unauthorized users to view aggregate data on protected columns while keeping individual data hidden.

5. Implement a unified audit model

Finally, organizations should not forget to implement a unified audit model to ensure transparency of the policies being implemented. This will help them actively monitor policy changes, like who created what policy that granted user X or group Y access to certain data, and is as critical as monitoring query and data access patterns. 

To view account usage patterns, use system-defined, read-only shared database named SNOWFLAKE. It has a schema named ACCOUNT_USAGE containing views that provide access to one year of audit logs.

Source link

Continue Reading

Startups

WhatsApp rolls out new ‘Message Yourself’ feature globally • TechCrunch

Published

on

To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here.

We’re joining the Cyber Monday fun with 25% off annual subscriptions to TechCrunch+ content and analysis starting today until Wednesday, November 30. Plus, today only, get 50% off tickets to discover the vast unknown and attend TechCrunch Sessions: Space in Los Angeles!

Okay, we haven’t done a newsletter since Wednesday, and while the U.S. team was chillin’ like villains, the rest of the team was hard at work, so here’s some of the highlights from the last half-week of TechCrunchy goodness! — Christine and Haje

The TechCrunch Top 3

  • Talking to yourself just went digital: Instead of having that internal monologue stay in your head, now you can play out all of your thoughts to yourself in WhatsApp, Jagmeet writes. The messaging platform began rolling out an easier way to talk to yourself today after completing beta testing.
  • Great Wall of porn: That’s how Rita and Catherine describe the bot surge in China that is making it difficult to get any legitimate Twitter search results when trying to find out something about Chinese cities. Why, you ask? Rita writes that “the surge in such bot content coincides with an unprecedented wave of (COVID) protests that have swept across major Chinese cities and universities over the weekend.”
  • Your calendar, only more productive: Get ready for your calendar to be more than just a place to record things you have to do that day. Romain writes about Amie, a startup that grabbed $7 million to link your unscheduled to-do list with your calendar. The app also enables users to be social with coworkers.

Startups and VC

Dubai-based mass transit and shared mobility services provider SWVL has carried out its second round of layoffs, affecting 50% of its remaining headcount, Tage reports. The news is coming six months after SWVL laid off 32% (over 400 employees) of its workforce in a “portfolio optimization program” effort geared toward achieving positive cash flow next year.

There’s a couple of new funds in town, too! Harri reports that Early Light Ventures plots a second, $15 million fund for software ‘underdogs,’ while Mike writes that BackingMinds raises a new €50 million fund to fund normally overlooked entrepreneurs. He also writes about Pact, an all-women led VC for mission-driven startups, backed by Anne Hathaway.

And we have five more for you:

Lessons for raising $10M without giving up a board seat

Blackboard showing soccer strategy

Image Credits: Ihor Reshetniak (opens in a new window) / Getty Images

Over the last two years, intelligent calendar platform Reclaim.ai raised $10 million “using a more incremental approach,” writes co-founder Henry Shapiro.

“We’ve done all this without giving up a single board seat, and Reclaim employees continue to own over two-thirds of the company’s equity,” rejecting conventional wisdom that founders should “raise as much as you can as fast as you can.”

In a TC+ post, Shapiro reviews the process they used to identify follow-on investors, shares the email template used to pitch the SAFE, and explains why “a larger cap table means more founder control.”

Three more from the TC+ team:

TechCrunch+ is our membership program that helps founders and startup teams get ahead of the pack. You can sign up here. Use code “DC” for a 15% discount on an annual subscription!

Big Tech Inc.

Amazon’s recent cost-cutting measures seem to be affecting more than just its delivery business. Manish writes that the company is shutting down its wholesale distribution business, called Amazon Distribution, in India. Amazon had started this unit to help neighborhood stores secure inventory. The company didn’t say why it was closing this particular business down, but Manish notes that this is the third such Amazon unit to be shuttered in India.

Meanwhile, Natasha L reports that Meta has gotten itself into trouble again with the European Union’s General Data Protection Regulation (aka, the agency that regulates data protection). Facebook’s parent company is being hit with $275 million in penalties for what the agency said was breaches in data protection that resulted in some 530 million users’ personal information being leaked.

Now enjoy six more:



Source link

Continue Reading

Startups

French Court Says Man Was Wrongfully Fired For Not Being ‘Fun’

Published

on

You can’t be fired because a company doesn’t think you’re “fun” enough.



Frédéric Soltan I Getty Images

The Court of Cassation in Paris.

At least, that’s according to France’s highest court, The Court of Cassation, which ruled earlier this month that a man who was fired for not wanting to participate in certain company activities billed as part of their “fun” culture was wrongfully terminated, according to The Washington Post.

The man’s legal team said their client wasn’t seen as “fun” because he refused to engage in corporate events with large amounts of drinking. The man also claimed a work culture where people did activities such as miming sexual acts, sharing beds with other employees at work events, and giving people uncouth nicknames, per the outlet.

A Google translation of the court documents characterized these acts as “practices advocated by the associates linking promiscuity, bullying, and incitement to various excesses.”

The decision says the man was fired in March 2015 for not embracing the company’s “fun” culture (calling it “professional incompetence,”) as well as being more rigid of personality, the documents claim.

The company in question is Cubik Partners, a management consulting firm. It did not respond immediately to a request for comment.

France is known for its pro-employee labor laws and well-known jokes about how it’s impossible to get fired there. That is also generally true for other countries in Europe, including Ireland, where Elon Musk’s Twitter has already faced a temporary injunction for firing an executive based there.

In this case, the court ruled that firing an employee for not doing the activities in question constituted a violation of “his freedom of expression,” and that it is a “fundamental freedom” to not engage in some sort of social activity.

The fired employee had asked for over $400,000 USD, which the Paris Court of Appeals rejected last year. This ruling turned over that court’s rejection in part, ordered the company to give the former employee $3,000 euros, and said it would look at his demand for damages at some point in the future, per Insider.

Continue Reading

Trending

URGENT: CYBER SECURITY UPDATE