Connect with us

Startups

TBD turns an STI into NBD with at-home testing for sexually transmitted infections – TechCrunch

Published

on

Sexual health isn’t the taboo it once was, but that doesn’t mean everything is all roses and unicorns in the land of STI testing. TBD Health is taking a fresh new approach with at-home testing made available for vagina-havers. The company has been offering a five-panel “check yourself out” kit for at-home testing, and recently opened an in-person clinic in Las Vegas. I spoke to the two co-founders to find out why there’s a need for at-home sexual health services.

The Centers for Disease Control and Prevention shows that STI rates in the United States have continued to climb over the last several years, reaching a sixth consecutive all-time high per data reported in 2021. One in five people in the U.S. has an STI, half of them among young people aged 15-24, costing $16 billion in direct medical costs. Suffice to say, TBD is going after a market that ought to be shrinking, but isn’t.

“We realized that access to screening is key, and people have less access today than they did before. This is in part because of COVID — people don’t want to go to the doctor’s office — and a lot of federal funding has made it trickier. We built this company to provide empowering STI screening that really works in people’s routines, starting with our at-home kit. We took a very different approach to how most other medical companies do, so it doesn’t feel clinical or high-stakes,” shares Stephanie Estey, co-founder at TBD Health. “We really wanted to make a screening feel as though it was on your terms. We launched a pilot earlier this year in six states.”

TBD Health’s at-home testing services are available in Washington, Arizona, Nevada, Massachusetts, Florida and Connecticut — and the company is planning to roll out to more states, but there are regulatory challenges on the path to full 50-state coverage.

“If someone tests positive, we can provide treatment for almost everything. Our clinician will set up a time to talk to you about your personalized care plan — it’s not an ananonymous ‘here’s a generic care plan you need to follow to go figure it out with your provider’. For the most part, the vast majority of infections, the ones that require antibiotics, for instance, is something that we can get you that prescription to make sure that you have treatment,” explains Estey. Of course, the clinician requirement means that the team needs a home base in every state in which they operate. “We do have a medical team in each state, so you have a clinician reviewing all the results, signing off on the lab request and then processing results or doing the prescribing. Right now it’s, we’re in six states, but we are expanding quickly in 2022.”

The company suggests that they can test for all the same STIs that your usual doctor could test for, but relies on a self-collection protocol. There’s a self-collect vaginal swab, a urine sample and a blood sample. The latter, in particular, piqued my interest, as my mind went to venipuncture draws — but it turns out that it’s possible to do a finger-prick test, let some blood fall on a collection card, which then can be used by the team to run the assays and determine if treatment is required.

“We use what’s known as a dried blood spot card. It’s basically a piece of paper that has a few circles that you saturate with your blood using a finger prick lancet — similar to what diabetics do on a daily basis to test themselves. Through this card, we can test you for all major blood-based STIs, including HIV, syphilis. It’s actually kind of an incredible tool; I think it was developed for testing babies in hospitals because it’s hard to do draws on a baby,” explains Estey. “It lends itself really well to at-home testing because it stays stable throughout transport.”

The in-person clicic TBD Health opened in Las Vegas, with its at-home testing boxes on the wall in the background. Image Credits: TBD Health

The company claims it retains the accuracy of more traditional STI testing protocols.

“In lab testing there are two main metrics for accuracy, and that’s sensitivity and specificity, and so we did a lot of vetting of a lot of labs. Our lab partners have comparable sensitivity and specificity, and that means it’s just as accurate. And you can do it from the privacy of your own home,” says Estey. “You’re supported through telemedicine with our clinical care team.”

In order to have in-person care, too, TBD opened a care hub in Las Vegas, with the goal of creating an environment where the company can get a deeper view of the needs of its customers, with the hope of translating the learnings to better service for the other side of the business.

For now, the team is focusing on vagina-havers. The team tells me this is mostly because they carry not just the burden of STIs, but there’s also a fertility angle to consider. In order to give the best possible service, they’ve chosen to focus their attention.

“We’re really focused on serving women and vagina owners right now. I don’t think we’re ready to say where serving penis-owners falls on our roadmap. Penis-owners are absolutely a contributor in terms of transmissions. But for women, the burden is not just in terms of cost and stigma, but also fertility in many cases. STIs are actually the number one preventable cause of infertility in the U.S.,” Estey points out. “When we think about expanding what our focus is, we want to make sure that we are serving those people correctly. There have been so many examples of companies that get it wrong. The equivalence would be to make something for women by turning it pink — it doesn’t work like that. I think TBD is really excited to be going deep because we know vagina owners so well and we know how to best serve them. When we think about offering something to penis owners, we want to make sure that we are being as thoughtful and as deep, so we are doing justice just as we have done that for people with vaginas.”

Source link

Startups

Snowflake 101: 5 ways to build a secure data cloud 

Published

on

Today, Snowflake is the favorite for all things data. The company started as a simple data warehouse platform a decade ago but has since evolved into an all-encompassing data cloud supporting a wide range of workloads, including that of a data lake

More than 6,000 enterprises currently trust Snowflake to handle their data workloads and produce insights and applications for business growth. They jointly have more than 250 petabytes of data on the data cloud, with more than 515 million data workloads running each day.

Now, when the scale is this big, cybersecurity concerns are bound to come across. Snowflake recognizes this and offers scalable security and access control features that ensure the highest levels of security for not only accounts and users but also the data they store. However, organizations can miss out on certain basics, leaving data clouds partially secure. 

Here are some quick tips to fill these gaps and build a secure enterprise data cloud.

Event

Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.


Register Now

1. Make your connection secure

First of all, all organizations using Snowflake, regardless of size, should focus on using secured networks and SSL/TLS protocols to prevent network-level threats. According to Matt Vogt, VP for global solution architecture at Immuta, a good way to start would be connecting to Snowflake over a private IP address using cloud service providers’ private connectivity such as AWS PrivateLink or Azure Private Link. This will create private VPC endpoints that allow direct, secure connectivity between your AWS/Azure VPCs and the Snowflake VPC without traversing the public Internet. In addition to this, network access controls, such as IP filtering, can also be used for third-party integrations, further strengthening security.

2. Protect source data

While Snowflake offers multiple layers of protection – like time travel and fail-safe – for data that has already been ingested, these tools cannot help if the source data itself is missing, corrupted or compromised (like malicious encrypted for ransom) in any way. This kind of issue, as Clumio’s VP of product Chadd Kenney suggests, can only be addressed by adopting measures to protect the data when it is resident in an object storage repository such as Amazon S3 – before ingest. Further, to protect against logical deletes, it is advisable to maintain continuous, immutable, and preferably air-gapped backups that are instantly recoverable into Snowpipe.

3. Consider SCIM with multi-factor authentication

Enterprises should use SCIM (system for cross-domain identity management) to help facilitate automated provisioning and management of user identities and groups (i.e. roles used for authorizing access to objects like tables, views, and functions) in Snowflake. This makes user data more secure and simplifies the user experience by reducing the role of local system accounts. Plus, by using SCIM where possible, enterprises will also get the option to configure SCIM providers to synchronize users and roles with active directory users and groups.

On top of this, enterprises also should use multi-factor authentication to set up an additional layer of security. Depending on the interface used, such as client applications using drivers, Snowflake UI, or Snowpipe, the platform can support multiple authentication methods, including username/password, OAuth, keypair, external browser, federated authentication using SAML and Okta native authentication. If there’s support for multiple methods, the company recommends giving top preference to OAuth (either snowflake OAuth or external OAuth) followed by external browser authentication and Okta native authentication and key pair authentication.

4. Column-level access control

Organizations should use Snowflake’s dynamic data masking and external tokenization capabilities to restrict certain users’ access to sensitive information in certain columns. For instance, dynamic data masking, which can dynamically obfuscate column data based on who’s querying it, can be used to restrict the visibility of columns based on the user’s country, like a U.S. employee can only view the U.S. order data, while French employees can only view order data from France.

Both features are pretty effective, but they use masking policies to work. To make the most of it, organizations should first determine whether they want to centralize masking policy management or decentralize it to individual database-owning teams, depending on their needs. Plus, they would also have to use invoker_role() in policy conditions to enable unauthorized users to view aggregate data on protected columns while keeping individual data hidden.

5. Implement a unified audit model

Finally, organizations should not forget to implement a unified audit model to ensure transparency of the policies being implemented. This will help them actively monitor policy changes, like who created what policy that granted user X or group Y access to certain data, and is as critical as monitoring query and data access patterns. 

To view account usage patterns, use system-defined, read-only shared database named SNOWFLAKE. It has a schema named ACCOUNT_USAGE containing views that provide access to one year of audit logs.

Source link

Continue Reading

Startups

WhatsApp rolls out new ‘Message Yourself’ feature globally • TechCrunch

Published

on

To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here.

We’re joining the Cyber Monday fun with 25% off annual subscriptions to TechCrunch+ content and analysis starting today until Wednesday, November 30. Plus, today only, get 50% off tickets to discover the vast unknown and attend TechCrunch Sessions: Space in Los Angeles!

Okay, we haven’t done a newsletter since Wednesday, and while the U.S. team was chillin’ like villains, the rest of the team was hard at work, so here’s some of the highlights from the last half-week of TechCrunchy goodness! — Christine and Haje

The TechCrunch Top 3

  • Talking to yourself just went digital: Instead of having that internal monologue stay in your head, now you can play out all of your thoughts to yourself in WhatsApp, Jagmeet writes. The messaging platform began rolling out an easier way to talk to yourself today after completing beta testing.
  • Great Wall of porn: That’s how Rita and Catherine describe the bot surge in China that is making it difficult to get any legitimate Twitter search results when trying to find out something about Chinese cities. Why, you ask? Rita writes that “the surge in such bot content coincides with an unprecedented wave of (COVID) protests that have swept across major Chinese cities and universities over the weekend.”
  • Your calendar, only more productive: Get ready for your calendar to be more than just a place to record things you have to do that day. Romain writes about Amie, a startup that grabbed $7 million to link your unscheduled to-do list with your calendar. The app also enables users to be social with coworkers.

Startups and VC

Dubai-based mass transit and shared mobility services provider SWVL has carried out its second round of layoffs, affecting 50% of its remaining headcount, Tage reports. The news is coming six months after SWVL laid off 32% (over 400 employees) of its workforce in a “portfolio optimization program” effort geared toward achieving positive cash flow next year.

There’s a couple of new funds in town, too! Harri reports that Early Light Ventures plots a second, $15 million fund for software ‘underdogs,’ while Mike writes that BackingMinds raises a new €50 million fund to fund normally overlooked entrepreneurs. He also writes about Pact, an all-women led VC for mission-driven startups, backed by Anne Hathaway.

And we have five more for you:

Lessons for raising $10M without giving up a board seat

Blackboard showing soccer strategy

Image Credits: Ihor Reshetniak (opens in a new window) / Getty Images

Over the last two years, intelligent calendar platform Reclaim.ai raised $10 million “using a more incremental approach,” writes co-founder Henry Shapiro.

“We’ve done all this without giving up a single board seat, and Reclaim employees continue to own over two-thirds of the company’s equity,” rejecting conventional wisdom that founders should “raise as much as you can as fast as you can.”

In a TC+ post, Shapiro reviews the process they used to identify follow-on investors, shares the email template used to pitch the SAFE, and explains why “a larger cap table means more founder control.”

Three more from the TC+ team:

TechCrunch+ is our membership program that helps founders and startup teams get ahead of the pack. You can sign up here. Use code “DC” for a 15% discount on an annual subscription!

Big Tech Inc.

Amazon’s recent cost-cutting measures seem to be affecting more than just its delivery business. Manish writes that the company is shutting down its wholesale distribution business, called Amazon Distribution, in India. Amazon had started this unit to help neighborhood stores secure inventory. The company didn’t say why it was closing this particular business down, but Manish notes that this is the third such Amazon unit to be shuttered in India.

Meanwhile, Natasha L reports that Meta has gotten itself into trouble again with the European Union’s General Data Protection Regulation (aka, the agency that regulates data protection). Facebook’s parent company is being hit with $275 million in penalties for what the agency said was breaches in data protection that resulted in some 530 million users’ personal information being leaked.

Now enjoy six more:



Source link

Continue Reading

Startups

French Court Says Man Was Wrongfully Fired For Not Being ‘Fun’

Published

on

You can’t be fired because a company doesn’t think you’re “fun” enough.



Frédéric Soltan I Getty Images

The Court of Cassation in Paris.

At least, that’s according to France’s highest court, The Court of Cassation, which ruled earlier this month that a man who was fired for not wanting to participate in certain company activities billed as part of their “fun” culture was wrongfully terminated, according to The Washington Post.

The man’s legal team said their client wasn’t seen as “fun” because he refused to engage in corporate events with large amounts of drinking. The man also claimed a work culture where people did activities such as miming sexual acts, sharing beds with other employees at work events, and giving people uncouth nicknames, per the outlet.

A Google translation of the court documents characterized these acts as “practices advocated by the associates linking promiscuity, bullying, and incitement to various excesses.”

The decision says the man was fired in March 2015 for not embracing the company’s “fun” culture (calling it “professional incompetence,”) as well as being more rigid of personality, the documents claim.

The company in question is Cubik Partners, a management consulting firm. It did not respond immediately to a request for comment.

France is known for its pro-employee labor laws and well-known jokes about how it’s impossible to get fired there. That is also generally true for other countries in Europe, including Ireland, where Elon Musk’s Twitter has already faced a temporary injunction for firing an executive based there.

In this case, the court ruled that firing an employee for not doing the activities in question constituted a violation of “his freedom of expression,” and that it is a “fundamental freedom” to not engage in some sort of social activity.

The fired employee had asked for over $400,000 USD, which the Paris Court of Appeals rejected last year. This ruling turned over that court’s rejection in part, ordered the company to give the former employee $3,000 euros, and said it would look at his demand for damages at some point in the future, per Insider.

Continue Reading

Trending

URGENT: CYBER SECURITY UPDATE