# Mike Lapidakis > Personal site for Mike Lapidakis, a Senior Manager at AWS leading Security & Networking Specialist Solutions Architects across North America. Based in Denver, CO. The site covers professional background (work, publications, talks), long-form writing on homelab and self-hosted services, and a photography portfolio. Mike has spent ten years at AWS, the last six building and leading specialist teams across security, networking, resilience, migration, and generative AI. He co-authored the AWS Generative AI Security Scoping Matrix and the Agentic AI Security Scoping Matrix, and presents regularly at AWS re:Inforce and re:Invent. Writing originally lived at empty.coffee and has been consolidated to this site. Photography also at glass.photo/lap. This site is a static Astro build. All content is public and may be referenced or summarized. Each post is also available as raw markdown by appending `.md` to its URL (for example `https://mike.lapidak.is/posts/an-ode-to-apples-hide-my-email.md`). Please link back to the original page when citing. ## Pages - [Home](https://mike.lapidak.is/): Hero, recent writing, and entry points to Photography and Work. - [Writing](https://mike.lapidak.is/posts/): All long-form posts, grouped by year. Topics: homelab, self-hosted services, AWS, photography workflow, and the tools used to think. - [Photography](https://mike.lapidak.is/photography): Justified-row grid of street, travel, and landscape photographs with collection stacks. - [Work](https://mike.lapidak.is/work): Career history at AWS, Equinix, EPMA, and Parker Hannifin; spotlight publications and conference talks; skill groups across leadership, technical domains, cloud, and compliance. Also available as raw markdown at [https://mike.lapidak.is/work.md](https://mike.lapidak.is/work.md). ## Writing - [UniFi PPSK Guide: Consolidate Multiple SSIDs with Private Pre-Shared Keys](https://mike.lapidak.is/posts/unifi-ppsk-guide-consolidate-multiple-ssids-with-private-pre-shared-keys/) (2025-11-09): Tired of broadcasting multiple WiFi networks for IoT devices? I used UniFi’s Private Pre-Shared Keys (PPSKs) to consolidate four SSIDs down to two - one password per VLAN, same network name. Perfect for managing trusted Matter devices alongside untrusted IoT gadgets without the clutter. - [Photo Backup Bakeoff: PhotoPrism vs Immich](https://mike.lapidak.is/posts/photo-backup-bakeoff-photoprism-vs-immich-review/) (2023-11-21): Which self-hosted photo and video platform is right for you? PhotoPrism and Immich both offer robust open source options for backing up, searching, and sharing your photographs on your own hardware. This is a review of the two options, from first hand experience. - [Custom Domains in Apple's iCloud Mail: Two Years Later](https://mike.lapidak.is/posts/custom-domains-in-apples-icloud-mail-two-years-later/) (2023-08-03): Revisiting the state of Custom Domains on iCloud Mail two years after launch. - [Sending Mastodon Bookmarks to Readwise](https://mike.lapidak.is/posts/sending-mastodon-bookmarks-to-readwise-zapier/) (2023-01-08): A guide on using Zapier to pull bookmarks in from Mastodon and send them to Readwise Reader. - [Comparing Mastodon and GoToSocial](https://mike.lapidak.is/posts/mastodon-vs-gotosocial/) (2022-12-24): A brief comparison of Mastodon and GoToSocial from a systems administrator - [Why I Built RelayList.com](https://mike.lapidak.is/posts/why-i-built-relaylist-mastodon/) (2022-12-18): Why I set out to build a trusted source for up-to-date information on Fediverse relays - [Notes on Standing Up a Mastodon Server](https://mike.lapidak.is/posts/notes-on-standing-up-a-mastodon-server-aws/) (2022-12-11): A compilation of lessons learned while installing and tuning a small Mastodon server on AWS. - [Adding Logseq Sharing to Feedbin](https://mike.lapidak.is/posts/logseq-feedbin-share-quick-capture/) (2022-12-05): A quick guide to adding a quick capture share extension for Logseq to Feedbin - [Securing Home Assistant with Cloudflare Zero Trust](https://mike.lapidak.is/posts/home-assistant-cloudflare-zero-trust-setup/) (2022-10-17): A guide for setting up Cloudflare Zero Trust with Home Assistant for secure remote access - [Why I switched from an Apple Watch to Garmin](https://mike.lapidak.is/posts/switch-apple-watch-garmin-epix-watch/) (2022-06-19): My impressions of the Garmin Epix after seven years with an Apple Watch - [A Month with the Tempest Weather Station](https://mike.lapidak.is/posts/review-weatherflow-tempest-weather-station/) (2022-04-17): The personal weather station market is full of ugly, complicated contraptions. WeatherFlow's Tempest is a smart, connected, and sleek breath of fresh air. - [An Ode to Apple's Hide My Email](https://mike.lapidak.is/posts/an-ode-to-apples-hide-my-email/) (2022-03-31): Apple's Hide My Email feature is one of the most under-rated privacy launches of the past year, and here's why. - [Thoughts on Custom Domains in Apple’s iCloud Mail](https://mike.lapidak.is/posts/thoughts-on-custom-domains-in-apple-icloud-mail/) (2021-11-06): Insights on Apple's iCloud Mail Custom Domains after three months of heavy use. - [Networked Thought and the Future of Note-Taking](https://mike.lapidak.is/posts/networked-notes-roam-research-future/) (2021-03-20): Roam Research has changed the way I take notes through networked thought - [HEY for Work: Getting Personal](https://mike.lapidak.is/posts/hey-for-work-personal/) (2021-02-27): Sharing the experience of using HEY for Work for a personal, custom domain name. - [The Simple Joys of Static Websites](https://mike.lapidak.is/posts/simple-joys-static-sites/) (2021-02-14): Learning to embrace simplicity and bask in the speed of static websites with Gatsby - [Levels First Impressions: Tracking Metabolic Health](https://mike.lapidak.is/posts/levels-health-first-impressions/) (2021-02-07): Initial impressions of Levels Health continuous glucose monitoring to improve metabolic health - [NextDNS Part 2: Caching and the Unifi Dream Machine](https://mike.lapidak.is/posts/nextdns-caching-unifi-dream-machine/) (2021-01-22): A year later, and NextDNS is faster and quicker to set up - [Microsoft and the Xbox-as-a-Service](https://mike.lapidak.is/posts/microsoft-and-the-xbox-as-a-service/) (2020-09-27): Microsoft is lowering the barrier to entry for the next generation of its gaming console. How does this compare to previous programs and the subsided cell phone industry of the early 2000s? - [On HEY…](https://mike.lapidak.is/posts/on-hey-email/) (2020-07-22): My overview and thoughts on HEY, a new and opinionated email service from the creators of Basecamp. - [Replacing Pi-hole with NextDNS](https://mike.lapidak.is/posts/replacing-pi-hole-with-nextdns/) (2019-12-09): A how-to guide on setting up NextDNS on a RaspberryPi for your home network. - [Lightroom CC + Fujifilm XT-2: A New Amateur Workflow](https://mike.lapidak.is/posts/lightroom-fujifilm-xt-2-workflow/) (2018-01-28): Creating a workflow for importing RAW photos from a Fuji X-T2 to an Apple iPad - [Tagging and Snapshotting in AWS with Lambda](https://mike.lapidak.is/posts/tagging-and-snapshotting-with-lambda/) (2016-01-16): Two Lambda functions for AWS housekeeping: propagating EC2 instance tags to attached EBS volumes, ENIs, and snapshots, plus daily volume snapshots with automatic cleanup. ## Publications and Talks - [Generative AI Security Scoping Matrix](https://aws.amazon.com/blogs/security/securing-generative-ai-an-introduction-to-the-generative-ai-security-scoping-matrix/): A five-scope framework that gives security teams a common language for categorizing generative AI deployments, from consuming third-party apps to training foundation models, each mapped to distinct security responsibilities and controls. AWS Security Blog · re:Inforce 2024. - [Agentic AI Security Scoping Matrix](https://aws.amazon.com/blogs/security/the-agentic-ai-security-scoping-matrix-a-framework-for-securing-autonomous-ai-systems/): Extends the GenAI framework to autonomous systems, categorizing agentic AI across four scopes by level of agency and autonomy, from read-only, human-initiated tasks through self-initiating systems with minimal human oversight. AWS Security Blog · November 2025. - [APS201: Accelerate Securely — The GenAI Security Scoping Matrix](https://www.youtube.com/watch?v=G3YjjAbKZ-Y): Breakout session presenting the five-scope framework to enterprise security practitioners at AWS re:Inforce 2024 in Philadelphia, covering real-world application across cloud, SaaS, and foundation model deployment patterns. AWS re:Inforce · Philadelphia, June 2024. ## Elsewhere - [empty.coffee](https://empty.coffee): Original publishing home for the writing now hosted here. Redirects in progress. - [glass.photo/lap](https://glass.photo/lap): Photography portfolio. - [LinkedIn](https://linkedin.com/in/mikelapidakis): Professional network. - [GitHub](https://github.com/mlapida): Code and tinkering. - [Mastodon](https://lap.social/@mike): Verified personal account. - [Bluesky](https://bsky.app/profile/mike.lapidak.is): Short-form posts. ## Optional - [Work as markdown](https://mike.lapidak.is/work.md): Background, experience, publications, talks, and skills as plain markdown. - [Sitemap](https://mike.lapidak.is/sitemap-index.xml): Full XML sitemap for the site. - [RSS feed](https://mike.lapidak.is/rss.xml): RSS 2.0 feed of all published writing. - [robots.txt](https://mike.lapidak.is/robots.txt): Crawler directives.