Pages in topic:   < [1 2 3 4 5 6 7] >
SecurePRO update - list of security practices derived from SecurePRO cards
Thread poster: Henry Dotterer
Henry Dotterer
Henry Dotterer
Local time: 19:29
SITE FOUNDER
TOPIC STARTER
Thanks, Otha! Aug 25, 2017

Otha Nash wrote:
Henry Dotterer wrote:
Well, I would not say that that is quite the point of the card. In the form for entering information, it states: "Use this section to communicate to potential clients and collaborators your philosophy and practices related to confidentiality and data security." Basically, this is a space to present information related to your handling of data security. The section is not meant to divine which professionals are "trustworthy" and "reliable" in a general sense.

That's not how the program is presented. The card itself prominently says on the front "Identity information (Know Your Translator™)", implying that the program is intended to verify the identity and reliability of providers in general, rather than identify compliance with a specific set of privacy and security practices.

Thanks for that feedback, I see what you mean, although it is still not clear to me "reliability" is brought to mind. We'll scrub the presentation to reduce the likelihood of this sort of interpretation.

Can someone help me to understand what is giving the impression that SecurePRO is somehow contrary to NDAs?

Not contrary to, but meddling with... I'd rather not run the risk of ProZ prejudicing... It seems to me that you're running the risk of turning matters that can be negotiated into disqualifiers before the contractor ever has an opportunity to be considered by an outsourcer.

There is no intention to meddle or to disqualify, only to support, but I understand the concern. The risk is there, so this deserves consideration now, and observation on an ongoing basis. If anyone sees any signs as we go forward that this program is working against the interests of freelancers, or LSPs, we want to know.

Why risk "prejudicing" at all, one might ask? Because there are significant shortcomings in the prevailing approach to NDAs in the industry -- shortcomings that work against freelancers, LSPs, and the industry as a whole. Our intention is to provide tools that professionals in the translation industry can use, if they wish, to hopefully overcome some of the problems they would otherwise continue to experience. That's the business ProZ.com is in.


 
Henry Dotterer
Henry Dotterer
Local time: 19:29
SITE FOUNDER
TOPIC STARTER
Now possible to "discuss" individual practices among peers Aug 26, 2017

It is now possible to post one short comment to any security practice you choose.

What's the thought behind this? Basically, we want to facilitate knowledge sharing of this sort:

* If you have information helpful to other freelancers about a given practice, you can use share it. (Example: "I use {whatever tool}.") You may want to include a link.
* If you want to comment on the reasons you do or do not offer a given practice, for consideration by other freelancers,
... See more
It is now possible to post one short comment to any security practice you choose.

What's the thought behind this? Basically, we want to facilitate knowledge sharing of this sort:

* If you have information helpful to other freelancers about a given practice, you can use share it. (Example: "I use {whatever tool}.") You may want to include a link.
* If you want to comment on the reasons you do or do not offer a given practice, for consideration by other freelancers, you can do so.

The comments will be visible only to other freelancers (Plus subscribers only for now, but it will be open to all members next week). They will not appear in SecurePRO cards, and will not appear to clients.

Please note, in other words, that when you indicate your practice offerings, the target audience is potential clients, but when you enter a comment you should do so as though you are addressing peers. Hopefully this will not prove too confusing. (If it does, maybe we'll separate pages.)
Collapse


 
metafrasi.pl
metafrasi.pl
Poland
Local time: 00:29
English to Polish
+ ...
Is SecurePRO secure? Featuring Sheila. Aug 26, 2017

Seems like a lot of time since I jocularly suggested vetting off before paying translators have access to vetted clients. (Don't know why that SecurePRO thread was closed soon after, it was a nice one.) I have since lowered my expectations. "I hereby tick off that I always pay for ordered and delivered services" (/ "I do not" / "Upon request") would make the world a better place and me one step closer to paying for Plus (even though I view it as a Basic feature). I still kind of hope that option... See more
Seems like a lot of time since I jocularly suggested vetting off before paying translators have access to vetted clients. (Don't know why that SecurePRO thread was closed soon after, it was a nice one.) I have since lowered my expectations. "I hereby tick off that I always pay for ordered and delivered services" (/ "I do not" / "Upon request") would make the world a better place and me one step closer to paying for Plus (even though I view it as a Basic feature). I still kind of hope that option is higher on the programmers' log than "I try not to drink coffee near my Mac" or even "My Mac is strategically centered in my bunker office so that no men in black can overtake flying e-info from their inconspicuous limousines outside" (since you forgot that one, ha!).

Well, I have worked for a ministry of defense (picture the requirements - not sure if SecurePRO would get me the job), certified in IT security & was considering the card thing. I would enjoy a civil discussion about the program on an open discussion forum but...

Henry Dotterer wrote:

Those of you who have opted out, I value your opinions, too, but maybe limit yourself to just one or two posts here, since you are not going to be using the features anyway. If your goal is to have the initiative canceled, don't waste your time.


That's, ekhem, um... funny?
I am writing this as that of us who has not opted out. Where do I opt out? (How did I opt in?)

And now I go to think before I post my second, conditionally permitted message. Then I will dutifully move on to more realistic endeavors, say, ending employee abuse in some branch or taking down a dictator or two. Underground (like a chat with Sheila on some empty nudist beach - those treacherous pockets! - in strong wind), like any decent subversive individual should.

Henry Dotterer wrote:

Get it?


[Edited at 2017-08-26 17:25 GMT]

[Edited at 2017-08-26 17:28 GMT]
Collapse


 
Tom in London
Tom in London
United Kingdom
Local time: 23:29
Member (2008)
Italian to English
A' propos of security..... Aug 27, 2017

Maybe Proz should do something about this:

Screen Shot 2

and this:

Screen Shot 1

Note the last section "connection not encrypted".


 
Henry Dotterer
Henry Dotterer
Local time: 19:29
SITE FOUNDER
TOPIC STARTER
The page is open to all Sep 7, 2017

Thanks for the feedback, everyone. We have made some improvements, and the page is now open to all. (Only members see aggregate data though, and that only after entering one's own data.)

More information will be added on each practice, and adjustments will be made to the overall list, as data comes in. Then we'll move on to additional steps.


 
Henry Dotterer
Henry Dotterer
Local time: 19:29
SITE FOUNDER
TOPIC STARTER
Better now? Sep 19, 2017

Tom in London wrote:

Maybe Proz should do something about this:

Screen Shot 2

This was a good point. Do you still get that message? (We fixed it.)


 
boostrer
boostrer  Identity Verified
United States
Local time: 19:29
Member (2007)
English to Russian
+ ...
Good job Oct 19, 2017

"* The most commonly used sensitivity level is MEDIUM, and the next most common is HIGH. About 10% of the time, LOW is used to indicate that confidentiality is not an issue."

In other words, the agencies have been convinced that they need this useless option. Good marketing job. Sort of selling sand in Sahara.


 
Henry Dotterer
Henry Dotterer
Local time: 19:29
SITE FOUNDER
TOPIC STARTER
Any other explanations? Oct 19, 2017

boostrer wrote:

"* The most commonly used sensitivity level is MEDIUM, and the next most common is HIGH. About 10% of the time, LOW is used to indicate that confidentiality is not an issue."

In other words, the agencies have been convinced that they need this useless option. Good marketing job. Sort of selling sand in Sahara.

We did nothing more than put the field in the form. It is off by default and no one has to put anything in. The fact that they choose to use it, in an apparently meaningful way, would seem to me to be evidence that security is an issue, and that security needs vary from job to job.

Do you disagree with that? If so, how do you explain this behavior?


 
boostrer
boostrer  Identity Verified
United States
Local time: 19:29
Member (2007)
English to Russian
+ ...
Markets and consumers Oct 23, 2017

[quote]Henry Dotterer wrote:

boostrer wrote:

The fact that they choose to use it, in an apparently meaningful way, would seem to me to be evidence that security is an issue, and that security needs vary from job to job.

Do you disagree with that? If so, how do you explain this behavior?


There are a lot of things people don't need, but use just because they have been convinced that it is fun/good for health/good for safety/good for their mental or physical abilities: watching TV, text messaging, posting their selfies, visiting psychologists, abstaining from salt, and using SecurePRO cards.


 
Mirko Mainardi
Mirko Mainardi  Identity Verified
Italy
Local time: 00:29
Member
English to Italian
Now at 89%... Nov 9, 2017

Mirko Mainardi wrote:

Jason Grimes wrote:

The profile completeness checker now correctly respects the opt-out setting for security procedures. (If you've opted out, it will count as complete.)


Thank you Jason. This is to confirm it is now working.


And my profile completeness is now at 89% ('Encouraged - (8/9)')... The only grey checkmark still is 'Standard security procedures'. Would it be possible to avoid these sudden, unexplained and unannounced changes in profile completeness, please?

Thanks.


 
Sheila Wilson
Sheila Wilson  Identity Verified
Spain
Local time: 23:29
Member (2007)
English
+ ...
What is its use when every single profile has it? Nov 9, 2017

I just had a private contact from a direct client. She only registered here this month, presumably with the sole intention of finding someone for her thesis, and she set up a very basic "end customer" account.

But even she, who has absolutely no need for one, has a message displayed to the effect that she is "the owner of a SecurePRO™ card":

Account type End Customer
Data security This person has a SecurePRO™ card. View now.
Expertise Detailed fields
... See more
I just had a private contact from a direct client. She only registered here this month, presumably with the sole intention of finding someone for her thesis, and she set up a very basic "end customer" account.

But even she, who has absolutely no need for one, has a message displayed to the effect that she is "the owner of a SecurePRO™ card":

Account type End Customer
Data security This person has a SecurePRO™ card. View now.
Expertise Detailed fields not specified.
Experience Registered at ProZ.com: Nov 2017.
ProZ.com Certified PRO certificate(s) N/A
Credentials N/A
Memberships N/A
Software N/A
About me
No content specified

What on earth is the point of that? Can we please opt in to this card, rather than opt out?

Secondly, even when we choose to opt out - as I have - this message still appears on our profile!
Collapse


Franck Sogho
 
Mirko Mainardi
Mirko Mainardi  Identity Verified
Italy
Local time: 00:29
Member
English to Italian
New "encouraged" field? Nov 10, 2017

I just noticed that now it seems there are 9 "encouraged" fields (at https://www.proz.com/settings/freelancer?update_completeness ), while when I raised the same issue in August there were 8 of them, as shown below:


Profile_completeness


What is going on, and why things that directly affect our profiles, positioning, etc. keep changing without notice? And is anybody else seeing the same in their profiles?


 
Jean Dimitriadis
Jean Dimitriadis  Identity Verified
English to French
+ ...
Profile completeness Nov 10, 2017

I have noticed the same thing in my profile.

Although all items are marked with a green check in https://www.proz.com/profile-completion the percentage does not go above 89%. Nothing seems to be missing.

Any pointers?

Jean


 
Henry Dotterer
Henry Dotterer
Local time: 19:29
SITE FOUNDER
TOPIC STARTER
New encouraged field -- probably tagline Nov 13, 2017

Hi folks.

We are preparing an update to the tagline field of the profile. The issue you are seeing is, I would guess, a bug related to that. We'll look into it. (It will take a few days.)


 
Henry Dotterer
Henry Dotterer
Local time: 19:29
SITE FOUNDER
TOPIC STARTER
SecurePRO update - SDL announcement may be useful to consider Nov 13, 2017

Earlier in this thread, some questioned what need could possibly be met by a program addressing compliance with end-client security requirements. SDL recently made this announcement, which I think may help to illustrate the issue:

"SDL Secure Translation Supply Chain Available for Regul
... See more
Earlier in this thread, some questioned what need could possibly be met by a program addressing compliance with end-client security requirements. SDL recently made this announcement, which I think may help to illustrate the issue:

"SDL Secure Translation Supply Chain Available for Regulated Businesses" -- http://www.sdl.com/about/news-media/press/2017/secure-translation-supply-chain-available-for-regulated-businesses.html

Quote: "Companies facing industry regulations – including next year’s GDPR – need to identify, control and protect the storage of sensitive customer information. One document alone can involve up to 150 individuals in the translation supply chain. Multiply this by thousands of documents and it becomes difficult – and costly – to comply with data regulations."
Collapse


 
Pages in topic:   < [1 2 3 4 5 6 7] >


To report site rules violations or get help, contact a site moderator:


You can also contact site staff by submitting a support request »

SecurePRO update - list of security practices derived from SecurePRO cards






Anycount & Translation Office 3000
Translation Office 3000

Translation Office 3000 is an advanced accounting tool for freelance translators and small agencies. TO3000 easily and seamlessly integrates with the business life of professional freelance translators.

More info »
Protemos translation business management system
Create your account in minutes, and start working! 3-month trial for agencies, and free for freelancers!

The system lets you keep client/vendor database, with contacts and rates, manage projects and assign jobs to vendors, issue invoices, track payments, store and manage project files, generate business reports on turnover profit per client/manager etc.

More info »