At any tech company, we work with a lot of legacy systems and monoliths. As engineers, our first instinct would be to decouple these monolithic applications into microservices architectures so we can have cleaner code and an easier system to maintain. While this is definitely a good goal to have, sometimes we focus too much on the technical side of things (architecture, scalability, implementations) and lose sight of the bigger picture. Hopefully, this document can be guidance on other aspects we should think about.Continue reading
Post Category → Code
On Regulated-Tech in Indonesia
Note that this document created in mid-2020 where on 24 January 2020, President Joko Widodo signed the Personal Data Protection (PDP) Bill which is currently being finalized by the Indonesian House of Representatives (DPR). Upon finalization of this PDP Bill, Indonesia will become the fifth country in ASEAN to implement regulations regarding Personal Data Protection.
For the existing Personal Data Controller, there will be a two-year period before the PDP Bill is fully effective and achieves full compliance.
The protection of personal data in Indonesia was initially focused on protection from a privacy perspective. Under the Indonesian Constitution, the concept of privacy rights has been recognized and protected as part of the general concept of human rights. With the need to cover the sector yet to be regulated, specifically, that of the internet and electronic transaction-related activities, Law No. 11/2008 on Electronic Information and Transactions as amended by Law No. 19/2016 (collectively, the EIT Law) was passed. Even though most of the provisions of the EIT Law focus on electronic transactions, there is a notable provision that deals with personal data in the EIT Law.Continue reading
Standardizing FrontEnd development at Mekari
VUE as a first-class frontend framework at Mekari.
React is a perfectly reasonable tool for building front ends, and we are not claiming it’s bad. In Mekari’s case, Vue has a couple of strong points based on decision principles. which may or may not change in the long future.Continue reading
API Key Best Practices
API keys are required for apps and projects that being used across Mekari platforms, either GCP/AWS/Logging Tools or other third-party services. This document identifies the intended use of API keys, how to protect them as you would other credentials, and which restrictions are appropriate for your projects.
Always try to adhere Principle of least privilege*.
*The principle of least privilege states that only the minimum access necessary to perform an operation should be granted, and that access should be granted only for the minimum amount of time necessary.Continue reading