Many thanks for the tweet by Yoel Strimling (@reb_yoel), editor of Corrigo, the Official Publication of the STC Technical Editing SIG (@stc_te_sig), for the post "From Around the Web: The Cybersecurity Style Guide".
The latest version of the Bishop Fox Cybersecurity Style Guide by Brianne Hughes and her team is now available. Download Version 1.1 According to Brianne's post, the revised style guide covers common tools for security research, angles of attack, corporate jargon, and pop culture. A new Appendix B is about using progressive language, and most terms include parts of speech.
This is a living reference work and we welcome your feedback. If you have suggestions for future improvement, please let us know at email@example.com.
Note:Brianne Hughes (@E_Briannica) is a Technical Editor at Bishop Fox, a security consulting firm providing services to the Fortune 500, global financial institutions, and high-tech startups. Brianne holds a Master of Linguistics from the University of York. She continues to pursue her research on compound morphology and has shared her linguistic findings with Ignite Portland, SHEL/DSNA, and Odd Salon.
This concerns you if you have websites and apps that collect personal data used by people living in the European Union or use hosting companies that are based in the EU. Websites and European-based hosting companies must be GDPR-compliant by 25 May 2018.
The GDPR will regulate how personal data of individuals in EU territory gets collected and used. It defines what personal data is – being literally everything – name, e-mail, username, address, phone number, financial data, age, behavioural data and more, and obliges everyone who collects and processes such data of EU individuals, no matter where that company or person is located around the world, to act in accordance with this regulation.
SiteGround from How is SiteGround Getting Ready for the GDPR?
Is Your Hosting Company in the U.S. but Based in the EU?
If you are using a U.S. entity of an EU-based hosting company, check their operating procedures for how EU data is handled. You may have apps or websites that ask for EU clients' data. That data may be transferred to and processed by the U.S. entity. For example, the Society for Technical Communication (STC), Washington, DC – Baltimore (WDCB) chapter's website is hosted in the SiteGround U.S. data center and we have EU users who register for competitions, mentoring, or subscribe to website posts.
How is SiteGround Handling This?
In accordance with the GDPR, SiteGround, and other hosting companies with similar setups, needs to ensure that the U.S. entity offers the same level of protection of the EU data, as guaranteed in the GDPR, even though it is subject to U.S. jurisdiction. SiteGround will regulate this through Standard Contractual Clauses*, which will be included in all contracts between U.S. and EU entities to guarantee the transfer of data is compliant with the GDPR requirements.
They are also working on a certification under the EU-US and Swiss-US Privacy Shield with the Department of Commerce that they adhere to the Privacy Shield Principles regarding the collection, use, and retention of personal information from European Union member countries and Switzerland, respectively, so they can lawfully host EU clients' data on their U.S. servers when that is needed.
Two weeks ago, SiteGround held a free webinar in the EU attended by over 6000 people interested in how the new piece of legislation affects them. The following materials are available to help those who could not attend the seminar get a better understanding of this new regulation.
Free Live Webinar Video: "What is GDPR?"
SiteGround's Senior Legal Advisor, Maya Stoyanova, spoke about the new regulation and answered live questions from the audience. They received a lot of interesting questions. You may watch the recording of the webinar and read the answers of the most popular questions at https://www.siteground.com/blog/what-is-gdpr-webinar/.
Blog Post: "How Is SiteGround Getting Ready for GDPR?"
From: United States Access Board <firstname.lastname@example.org>
Sent: Thursday, March 09, 2017 9:17 AM
Subject: Section 508 Best Practices Webinar: WCAG 2.0 and the Revised Section 508 Standards (March 28)
Section 508 Best Practices Webinar: WCAG 2.0 and the Revised Section 508 Standards (March 28)
The next webinar in the Section 508 Best Practices Webinar Series will take place March 28 from 1:00 to 2:30 (ET) and will cover the updated Section 508 Standards and their application of the Web Content Accessibility Guidelines (WCAG) 2.0 to websites, electronic documents, and software. Presenters will review WCAG 2.0 Level A and Level AA Success Criteria and Conformance Requirements and explain how they are applied by the refreshed 508 Standards. They will also address use of WCAG 2.0 Success Criteria for both web and non-web technologies, available resources for testing and verifying accessibility according to WCAG 2.0, and other topics.
The Section 508 Best Practices Webinar Series provides helpful information and best practices for federal agencies in meeting their obligations under Section 508 of the Rehabilitation Act which ensures access to information and communication technology in the federal sector. This webinar series is made available by the Accessibility Community of Practice of the CIO Council in partnership with the U.S. Access Board.
Section 508 Best Practices: WCAG 2.0 and the Revised Section 508 Standards
March 28, 2017, 1:00- 2:30 (ET) Add to Calendar
• Bruce Bailey, IT Specialist, U.S. Access Board
• Timothy Creagan, Senior Accessibility Specialist, U.S. Access Board
• Earlene Sesker, Training Coordinator, U.S. Access Board (moderator)
• Deborah Kaplan, Section 508 Policy Lead, Office of the CIO, HHS (moderator)
This paper focuses on the importance of prioritizing processes before creating a project schedule. Process documentation projects start with a long list of events, tasks, and activities that need to be documented. This list can seem initially overwhelming, but by clearly defining the objectives of the project, it is possible to prioritize the items on the list.
Filtering the list based on project objectives can identify the processes that are likely to have the most impact when improvements are made. For example, if one of the objectives is to increase customer satisfaction, the processes that are visible to the customer need to be identified. The focus can then be on these processes and their supporting activities. Filtering can identify processes that:
Are redundant because they are already covered by another process
Provide low ROI (return on investment)
Score low in customer satisfaction
Cause frustration to the staff
The above list provides examples of criteria that can be used to prioritize and filter the list. Each project will have its own unique set of criteria based on its objectives.
Benefits of Prioritizing Documentation
Documenting every process without first obtaining knowledge of its properties and value to the overall objectives can make it difficult for the team to focus and can waste valuable time. These are some of the benefits of prioritizing the list before starting documentation:
Saves time and effort by documenting only the processes that contribute to the objectives of the project; avoids spending time on low priority or redundant processes.
Provides a clear and consistent sense of purpose among participants because the list has been prioritized with the help of stakeholders.
Enables the success metrics of each process to be aligned with the overall objectives because processes have been prioritized based on the objectives of the project.
Fosters informed and valuable team participation and feedback because participants understand how each process contributes to the objective.
Facilitating a Filtering Session
The simplest way to create a prioritized list is to bring together the process team, project sponsors, and process owners and facilitate a filtering session. The goal of the session is to filter the list of processes based on a defined set of criteria. The criteria can be simple or complex. One option is a simple exercise in which participants plot processes on a two‐dimensional chart (for example, effort against value). Another option is to work with a more comprehensive matrix that takes multiple objectives into account.
The discussion in the session should remain high‐level; the exercise does not require the team to go into the details of each process, but simply to first define the criteria and then to weigh each process against those criteria. This will meet the goals of the filtering session and allow the project to move forward with clearer focus.
Process documentation projects require enthusiastic participation from the project sponsors, process owners, and the staff involved in the process. Keeping the attention of a large group of people through delays and changes can affect the quality of their participation and consequently, the quality of the project. Prioritizing is one of the ways to mitigate this risk.