Notes on data, AI, IT
and security
No marketing fog. The way I think about real problems with founders and managers.
DevDay, long context, and the tooling shift toward LLM production systems
What OpenAI's DevDay announcements mean for companies thinking about moving from LLM pilots to working production systems.
The Okta breach: what happens when your identity provider is compromised
A look at the Okta incident in October 2023 and practical conclusions for companies that rely on centralised authentication.
Zero trust networking: a practical starting point for non-security teams
Zero trust is talked about constantly but implemented rarely. Here is a grounded explanation of what it means in practice and where a company with limited security resources should actually start.
LLM operational economics: how to model costs before you scale
Why token costs for language models need to be modelled in advance, and how to avoid an unexpected invoice when load grows.
Internal developer platforms: why this is a leadership question
What an internal developer platform is, why the approach is gaining momentum, and what it has to do with development speed and operational control.
Data mesh is an organisational pattern, not a technology choice
Data mesh gets discussed as if it were a tool to buy or a platform to deploy. It is not. Understanding what it actually is changes how you evaluate whether it is right for your situation.
What to understand about embeddings before launching vector search
Why choosing an embedding model is not a technical detail for later, but an architectural decision with long-term consequences.
Fine-tuning GPT-3.5: when it makes sense and when it does not
OpenAI opened fine-tuning for GPT-3.5 Turbo in August 2023. Here is a practical read on the use cases where it delivers and the ones where prompt engineering is still the right call.
AI API keys are becoming the new security perimeter
Why connecting to language models through an API creates a new class of risks and what to do about it now, before the keys have spread across the entire infrastructure.
Feature flags as a deployment risk control tool
How feature flags change the logic of releasing software and why this is a management question, not just a technical one.
Llama 2 and open weights: what it means for enterprise
A look at why larger organisations should pay attention to open-weight language models, and where the real boundary between opportunity and illusion lies.
Vector databases: what changed and why it matters for business
Why vector databases became a topic alongside the LLM wave, and what this actually means for companies working with internal documents.