A guide to On page optimization

Newswhip.com prediction for 2019 social media

Happy holidays, I recommend checking this report from Newswhip, about 2019 social media

Newswhip report

Happy new year, 2019

How to Increase Your SEO Traffic in 30 Days

Originally: https://www.wpeka.com/increase-seo-traffic-30-days.html SEO, at the time of this writing, is no easy task and the results aren’t going to be anywhere close to how it was in the late 90s. Those days, you could pull it off with a 7 step process, a shady website, and with a few mega bytes of content thrown in to show up on search rankings by the end of 3 days. We’ve come a long way since then and the nuts and bolts of SEO are changing every single day. For everyone with a website, however, learning how to increase SEO traffic is a major fixation, and that’s a good thing. Regardless of how hard it gets to rank your pages for your preferred keywords, organic search listings are still a great way to get (and increase) traffic to your website (and is also a trusted route). As Jason DeMers of Search Engine Land writes, you’d need a lot more to succeed with SEO in 2017 than you’d have needed in 2009.

Get The Technical Part Sorted

Before you go looking for how to increase SEO Traffic, you’d have some work to do. Google has a mix of preferred requirements that are now a mandate. Your website has to load fast, and Google already indicated that site speed is certainly one of its signals that its algorithms take into consideration, according to Moz. Related: 15 Fast Loading WordPress Themes for Reduced Loading Time It’s another thing that fast loading websites are also great for user experience. Enable compression, Minify HTML/CSS/JavaScript files, enable Browser Caching, enhance server response times, use a CDN, and also make sure you optimize your images (since more images tend to slow down websites). Responsive websites are critical for performance too, thanks to an Official Google Release in February 2016 when it announced official integration of AMP (Accelerated Mobile Pages). Wondering how AMP helps with SEO? A DoubleClick Study revealed that more than 80% of publishers realized higher page views rates and lower bounce rates. More than 90% of publishers reported higher engagement with pages. Also read: How to optimize mobile SEO in 2017

Start With On-Page SEO

 If you’d like to see results off your SEO efforts and increase SEO traffic to your website in 30 days more or less, On-Page SEO is where you’ll be spending more time on. With WordPress, using effective plugins like Yoast SEO Plugin along with W3 Total Cache help focus on speed as well as basic Search Optimization you’d need. For most cases, Brian Dean of Backlinko has helpfully listed out the anatomy of a perfectly optimized page for 2016, and a few basics obviously stand out:

• Start with the obvious meta information, title tags, and keywords in your titles. Make sure the titles are in tags.
  
• Use SEO-friendly URLs and slugs
• Every image uploaded should have keyword rich anchor text.
• If you can, drop your focus keyword within the first 100 words of your text
• Link out to other influencers, stats, research, and other blog posts while publishing your own content.
• Use LSI (Latent Semantic Indexing) keywords — they boost your chances of getting found for relevant keywords and their synonyms but also give you more creative freedom to write and publish your content.
• Make your content “Shareable” on social media. Google also takes Social media signals into account and the more popular a piece of content is (for a relevant keyword), the more Google tends to favor it in search.
• The days of writing short, 350 word posts are over (unless the post itself doesn’t need more than 300-500 words). Focus on writing long-form content.

Use Schema for Markup

Google is already experimenting with various ways to make a users’ search experience more valuable. Say hello to Schema (a collaborative project between Google, Yandex, Bing, and Yahoo) – micro data that uses your website and content structure to present information in a more usable format for users, within search results. Schema is directly added into your site’s HTML code and is defined by Schema.org Type Hierarchy. Schema helps Google and other search engines to interpret your content accurately due to rich snippets, thereby increasing your site’s visibility and traffic. Dan Shewan of WordStream has a handy guide to help you to start using Scheme Markup for SEO.

Work On Quick Link building & Traffic Generation

 Link Building specifically happens in two ways, as on 2016 (and beyond):

1. Producing high-quality content that others find and then link to.
2. Building a specific process for link-building involving outreach, consistent publishing on other blogs (guest blogging), and creating other forms of viral content that are used as vehicles for link building (infographics, videos, and more).

Since our focus is to start bringing in SEO results and boost traffic quickly, aim for the low-hanging fruit and split your link building and traffic generation strategy into two time frames: Short-term and long-term (the inherent process is still the same). For short-term, here are a few ways to speed up your Link building quickly: Find high-quality, but easy media for publishing: Start with LinkedIn Publishing and start writing up content of high value. The advantage is that anyone with a LinkedIn account can publish and this allows for immediate results. A few blogs also allow for automated signup (or quick applications) to start guest posting.
Publish on Medium: Medium is quickly rising to be a trusted resource as a parallel publishing platform on top of the efforts you already take with your blog and guest posting. Like LinkedIn Publishing Platform, Medium allows anyone to signup and start publishing.  By linking to your own content (where it makes sense, and without overdoing it), you can quickly build up links to your own properties.
Answer to bait, on Quora: For every question that relates to your business niche on Quora, you have a chance to insert a relevant link that leads to an article or a blog post with more information pertaining to that question.  Quora users are hungry for information and clicking on your links comes naturally to them. Quora happens to be one of the best (and the fastest) ways to get traffic in as much as a day with consistent effort and truly highly-quality answers.
Stumble on StumbleUpon: Most people don’t realize this but StumbleUpon isn’t a forgotten piece of social media real estate.  According to Search Engine People, StumbleUpon has more than 30 million active people each month, and the average StumbleUpon Session lasts for anywhere between 22-30 minutes. More than 15% of B2B marketers use StumbleUpon to distribute their content. Those are just a few of the ways as to how to increase your SEO traffic to drive more visitors to your website, increase conversions, and boost your business. However, don’t get too fixated on 30 days or 60 days. Search Engine Optimization is a long-term strategy and it begins to show results only when your efforts are consistent, and when you do the right things such as producing long-form, high-quality content for long periods of time. Also, SEO isn’t the only way to drive traffic to your website. Tap into the power of digital marketing as a whole and work on other digital marketing channels too. What do you do with SEO to drive traffic to your site?

6 Verbal Tricks Bosses Use to Manipulate Employees

You probably have your own verbal tics too… but at least you’re trying to say what you mean. What’s worse is when people — especially leaders — use certain expressions to divert attention, hide what they really mean, or simply fail to do their jobs.
Like these all too common moves:
1. The Fake Agreement: Pretending to agree while expressing the opposite point of view.
Example: “I definitely see what you’re saying… but I don’t think we should take on that project.”
In fact you don’t really see what I’m saying because otherwise you would agree with what I’m saying. Beginning a sentence with, “I hear you…” is like a condescending pat on the head.
Don’t try to couch a different opinion inside a warm and fuzzy Fake Agreement. If you disagree, say so.
2. The Unsupported Closure: Ending a discussion or making a decision without backup or solid justification.
Example: “At the end of the day, we’re here to sell products.”
Really? I had no idea we’re supposed to sell products!
Unsupported Closure is the go-to move for people who want something a certain way and don’t feel like — or more likely can’t — justify why. Whenever you feel an, “At the end of the day…” coming on, take a deep breath and start over; otherwise you’ll spout inane platitudes instead of objective reasons that may actually help people get behind your decision.
Quick note: A Fake Agreement combines nicely with an Unjustified Closure: “I hear what you’re saying, but at the end of the day it’s my job to make the decision.” Win-win!
3. The Double Name: Using a person’s name twice — especially your own — in the same sentence as a way to justify unusual or unacceptable behavior.
Example: “Hey, what can I say? That’s just Joe being Joe.” (Even worse, “Hey, what can I say? That’s just me being me.”)
The Double Name is just a way to excuse behavior that wouldn’t be tolerated from others. You just being you… is you just being a jerk.
(And everyone knows it.)
4. The False Uncertainty: Pretending you’re not sure when, in fact, you are.
Example: “You know, when I think about it I’m not sure shutting down that facility isn’t actually the best option.”
Oh yes, you’re sure; you’re just trying to create buy-in or a sense of inclusion by pretending you still have an open mind… or you’re planting seeds for something you know you will eventually do.
Never say you are not sure unless you truly are not — and are willing to consider other viewpoints.
5. The First Person Theoretical: Pretending to be another person in order to explore different points of view.
Example: “Let’s say I’m the average customer. I walk in your store. I want to buy a shirt…and so on.”
You can get away with this occasionally, but more than once a year is really irritating.
Think about it. Let’s say I’m the average reader and I know someone who uses the First Person Theoretical to pretend they’re putting themselves in someone else’s shoes. And let’s say I’m thinking it’s really irritating.
And let’s say I’m thinking we should just move on… and circle back to where we started:
6. The Favorite Word: Using a word so often… that word becomes the only word anyone hears.
Examples: Endless.
Not really deceptive, but still diverts attention.
For example, I had a boss who never met a sentence he couldn’t find a way to shoehorn “in other words,” “in general,” and “regarding” into. Often he could cram all three into the same sentence. I once kept track and counted thirty-seven “in other words” in four minutes. (Hey, I’m not proud.)
When you fall in love with a word or expression other people not only tire of it but they start to hear nothing else — and whatever you hoped to get across gets lost while people think, “Oh jeez. For once could he leave out the ‘that’s neither here nor there’”?
Trust me. I know.

4 Ways to Boost Business With a Blog

If done correctly, a blog can attract a dedicated audience to build upon and share expertise, information, ideas and content, while boosting awareness of your company and brand. If done incorrectly, however, you can leave customers feeling dissatisfied and ready to turn to your competitor. Here are four ways you can leverage a blog:

1. Create friend-sumers.
   Promote a company, product or service by creating a blog that features how-to advice, news and other information of interest to customers. Through the blog, visitors can post testimonials, feedback, questions and comments, plus participate in surveys. By taking an informal, non-sales approach, a company can interact with customers, gain useful feedback and build an online audience that can ultimately be directed to the company‘s main website or retail store.
2. Provide exceptional customer support.
   Supplement a company’s existing technical support and customer service with an online forum for customers to openly post questions. While employees can update and maintain this type of blog, users feed it with comments and also tap the knowledge of other users by reading past questions and interacting on the forum. If done correctly, this type of blogging can dramatically cut the cost of personalized technical support and customer service. Check the comments section for frequent users who can be recruited as bloggers to further increase your blog’s content. They can also be asked to “host” certain threads or wikis to encourage dialogue on topics that need a little TLC.
3. Increase your credibility.
   A blog is an ideal tool to position yourself as an expert in your field by sharing your thoughts, knowledge, experience and insight. Obtaining expert status can increase your earning potential, make it easier to land a new job or promotion, and help attract new customers.
4. Gain more exposure.
   Ask independent bloggers to write reviews and articles about your company. Having your information published on different blogs builds your legitimacy and exposure. Also, it’s often faster and easier for a business to get blog content (as opposed to traditional website content) listed with the major internet search engines.

Two More Keys to Blogging Success
Before investing the time and money, clearly define your potential blog’s goals and objectives, and then determine your exact target audience. Figure out what you’ll offer that’s unique or that will set your blog apart, and make sure you have enough potential content to keep your blog continuously updated and fresh.
Next, figure out how you’ll drive a steady flow of traffic to your blog and build its audience. Properly and creatively promoting a blog on an ongoing basis is essential for building an audience. For many bloggers, this often proves to be their biggest challenge. Having unrealistic expectations about how quickly and easily you’ll be able to drive traffic to a new blog is one of the biggest reasons why bloggers fail.

5 Astounding workspaces of successful internet companies

Today you will take a look at some of the best office’s in the industry. We have gathered office photographs from some of the most well know internet companies around. They are YouTube, Google, Threadless, SoundCloud, and Twitter. You will see how the employees of these companies get treated and what kinds of perks they get daily. Honestly these examples should set the standard workspaces for any internet business. For example Google has a chef that will cook you anything you like! Considering i can’t cook, this would be the perfect job for me. Anyhow, we hope you will enjoy this roundup. We have included some history and numbers about the companies below, so be sure to read before browsing.

1. YouTube

Ever since its launch in 2005 YouTube has quickly become the top dog  for video content on the internet. Today YouTube is the third most visited website in the world according to Alexa. We use Youtube to find funny videos, movie trailers, video game montages, music videos, and much much more.  In 2006 Google purchased YouTube for $1.65 billion, and to this day it has yet to make its first profit.
Now that you have some background on YouTube, we would like to show you what its like to be an employee for them. Check out the following pictures of the YouTube Headquaters located in San Bruno, California. The employees at Youtube have many perks at their job, like the swimming pool, workout room, and a little putting green.
Website: http://www.youtube.com/

2. Twitter

Well if you haven’t been living under a rock, you probably know what Twitter is. Founded in 2006, Twitter is one of the biggest social networks on the internet just like LinkedIn and Facebook. As of Jun 8, 2010 Twitter has over 190 million users, and their users tweet over 65 million times a day! Twitter currently has 141 employees ranging from Business Development & Sales, Engineering,Corporate IT, Research, Support, and much more.
Check out the following pictures of the Twitter Headquaters located in San Francisco, California. Twitter HQ has several small meeting rooms with displays or white boards. They really do a great amount of brainstorming and opinion gathering with most employees.
Website: http://twitter.com/
Photos found via Flickr Albums: Twoffice 3.1, Twoffice 3.o and Twoffice 3.5

3. Google: Zurich

Google is the tech giant. Founded in 1998, Google employs over 20,000 workers. Google has been known for both creative and fun workplace and Google’s Zurich office definitely shows that tradition off. Just like other Google offices, workers have access to dining areas and many fun things. If you’re tired and need a break, just get up and read a book, play Xbox, play pool, get a meal made for you by a chef, or just watch Tv. Basically Google sets the standard of what a workplace should be like.
Although this isn’t the main Google Headquarters, Zurich shows of many features that most Google buildings provide. Don’t get too jealous while browsing.
Website: http://www.google.com
Photos found via Flickr user Albert Bredenhann

4. Threadless

Threadless is one of the most successful online T-shirt company. Threadless was founded in 2000 by Jake Nickell and Jacob DeHart after winning a custom shirt design contest. Ever since it has grown to be one of the best web based clothing retailers around! Currently Threadless has 80 employees.
Check out the following pictures of the Threadless Headquaters located in Chicago, Illinois. The workspace is full of shelving stocked with new shirts ready to be shipped. One of the most valued perks looks like the ping pong table. We wonder, who is the champ?
Website: http://www.threadless.com/
Photos found via Flickr user JOE M500

5. Sound Cloud

Founded in 2007, SoundCloud lets you move music fast & easy. The platform takes the daily hassle out of receiving, sending & distributing music for artists, record labels & other music professionals. Many common day artist use SoundCloud to share their gigs, sets, and tracks they have produced. Lets say you just made an awesome tune, and would like to share it. You can publish it and let you friends download it directly from SoundCloud.
You probably think soundcloud is just managed by a huge group of people, well currently they only have 30 employees. Their office is very minimal and serves as an easy going friendly environment. Check out the following pictures of the SoundCloud Headquaters located in Berlin, Germany.
Website: http://soundcloud.com/
What studio would you work for if you had a chance? We would love to hear your thoughts, so please comment below(don’t be shy!).

4 Valuable business lessons I learned from Civilization Revolution

If you didn’t know by now, Sid Meier’s Civilization Revolution is a 2008 iteration of Civilization developed by Firaxis. The game was designed for the PlayStation 3, Xbox 360, Nintendo DS, Windows Phone, and iOS. The touch screen based strategy game is disgustingly addictive and will steal your soul until you finish the entire game, which from my experience, takes about two hour to do so. While trying to figure out what ways I could successfully win the game with my civilization, I started to notice a few correlations that this game has with real life business decisions. And thus this article was formed!
Introduction to the Game
The main game of Civilization Revolution begins in 4000 BC, with a lone settler in the middle of a little-explored region. That settler has the capability to start a city, which, depending on its specific mix of geographical surroundings, begins harvesting food (for the continued growth of the city), production (for the creation of units and buildings), and trade (that can be then turned into either research points or wealth). In the early stages of the game, you will encounter uncivilized villages consisting of primitives such as barbarians and friendly villages.
Over time, further settlers can be created, forming new cities
Buildings can be built to improve each city’s overall productivity
Military units can be formed, focusing either on defense, offense, or exploration
Technologies can be researched, allowing for newer buildings and units
Buildings in a final category, “Wonders,” provide major advantages to the civilization that builds it, either across their entire empire or just in the building city, depending on the Wonder. Meanwhile, rival civilizations are encountered, which can be both valuable trade partners, strategic allies, or dangerous enemies. Ultimately, each civilization competes for land and resources with the purpose of eventual military, technological, cultural, or economic domination.
Civilization Revolution is a turn based strategy game, with every “turn” representing the passage of several years within the game, which changes from 100 years in the beginning to two years by the end, reflecting the faster pace of contemporary society made possible by technological advancements. Later-era units and buildings are also more “expensive” to build (in terms of production points) than earlier ones, which is matched with cities’ increased efficiency and population. Where the early game tends to be focused on exploring and expanding one’s empire, the later game is dominated by the interactions forced upon the player by rival civilizations.
A victory can be achieved in four different ways.
Domination: The player must capture all of the other civilizations’ capital cities and hold them for one full round, but they do not need to destroy or capture every city.
Culture: Obtain a total of 20 great persons, wonders, and/or converted cities in any combination, and build the United Nations wonder.
Economic: Acquire 20,000 gold and build the World Bank wonder.
Technological: Research all technologies necessary to build and launch a space ship, and be the first to reach Alpha Centauri.
Unless specified in a scenario, all four victory conditions are open to be used. Different civilizations have distinct advantages over others depending on their “bonuses”. If the player’s civilization is nearing one of the above mentioned victory conditions, all other civilizations will declare war on them in an attempt to delay or stop them from winning. The construction of the World Bank, the construction of the United Nations, and the launching of the ship to Alpha Centauri can all be stopped by capturing the enemy’s capital and palace.
Players can control one of 16 different civilizations, each with a different leader. Each civilization starts the game with a different special bonus that can be either a technology, a Great Person, or a special ability. As the game progresses through time, the civilizations also obtain new abilities after researching a specific number of technologies. In a given game each civilization can have up to four bonuses that vary from civilization to civilization. Many of the civilizations have specific specialized units that only they can build but unlike previous installments, these are for looks only. Special units do not possess stats beyond the normal unit but may have varying abilities.
Finding Your Niche
At the begining of the game you are required to select your civilization. Each leader has benefits that you will gain if you play as them. This sort of scenario can easily be found in the business world. Just like any business, you are the leader that gets to make the choice of what you want to do. Every single industry has it’s pros and cons.
I would personally suggest you start your own business based on your passion. Money does not bring happiness, and tends to come and go. If you think that you’re going to make a daily deal clone like Groupon and succeed then…..good luck with that. As easy as the idea might seem, think about everybody else who has thought of this. I often see people going after easy businesses where they barely have to use their brain or work hard. The cold hard truth is that all successful people had to work hard to get to where they are today.
Being a copy-cat is nothing to be proud of. Being a competitor that sees an opportunity where another company is failing, is a great thing to be proud of! When starting a business you have to look into the future and see how the business will run.
Will you run it?
What will the daily operations be like?
Do you need to hire people?
Do you need financing?
Those kind of mental questions are just 4 out of thousands that you should be asking yourself. Feeling inspired is one thing, working on an idea and putting your sweat/tears into it is another. All I’m trying to say is that you need to evaluate your future goals and bring something new to the table. Outing your competition in their own craft will lead you to success no matter how small you are.
Designing your Destiny
The wide variety of choices that you can take in the game is overwhelming, just like a real world business.
Do you want to research and undercut other civilizations/businesses with your technology?
Do you want to win with culture, by providing your civilization with an incredible experience that they will want to write home about?
Do you want to destroy other civilizations/competition and take them out of business?
Do you want to accumulate wealth with your civilization/business so you can afford and acquire anything you desire? (Nice verse, my Hip-hop career is finally taking off!!!)
While running your business you will have to face difficult decisions. This is not a “shocker” to most entrepreneurs, because they understand the risks that they took when they started. One thing for sure is that playing it “safe” is extremely risky. Don’t ever let fear discourage you or crumble your goals. Nothing is Impossible, if you put your mind to it, desire it, and work your ass off to get it. If you’ve previously read Think and Grow Rich by Napoleon Hill, you will know exactly what I’m talking about.
Dealing with others
Unless you’re a pioneer, every market has competition. You are fighting for the customer and trying to sway them to purchase your product instead of the theirs. This is a common business practice and you can see it currently happening with the technology industry. With new phones coming out almost every 6 months or so, the cut throat business is scary. Once upon a time everybody had a Nokia phone, but now…
Apart from competing with other civilizations, as you do with other businesses, there comes a time when partnerships provide financial gain to both parties’ included. Teaming up with another company may happen when you both share a common enemy and want to eat their market share. This proves that being a lone-wolf is not always a great idea. Join a wolf pack!
Having a clear vision
If a captain on a ship doesn’t have a map, he’s floating nowhere. Yes that’s a horrible analogy, but you get the drift. Write down your business goal and set a specific date you will achieve them by. Some of you reading this will think that it’s elementary to do this, but you could not be more wrong. Saying and going over your goal every single day will help you reach them faster. This does not mean they will just spontaneously happen. It means that you must also do your part and work hard on the goal at hand.
Seeing is believing. Therefore if you see yourself accomplishing that goal, it is more than likely to happen. Don’t ever get sad. Stop letting negative things rule your life. Stop letting other people criticize you, that shit gets in your head and now you have manifested unwanted fear. Create a mental wall that blocks out all the negative things in your life and always stay positive. Not only will this help you with your business, but it will also change your life.
Fill your life/career with desire for success, faith in what you’re doing, love, enthusiasm, romance and hope. Kick out fear, greed, revenge, superstition, anger, and jealousy. Don’t hate on others success, they have worked hard to get there. Evaluate what other business owners did right and replicate. Find flaws and avoid them at all costs.
copied and originally posted on September 03, 2012

10 guidelines to help you innovate and get stuff done

Innovation is simple. You don’t have to be a genius, or boast an MBA from Harvard, or carry some McKinsey strategy in your back pocket. You don’t even have to have an original idea. You simply have to be able to get shit done.
Gates, Ellison, Jobs and Zuckerberg are our modern-day geniuses of technology and business. Yet not one of these geniuses graduated from college, and not one single-handedly invented a business, much less an entire industry.
Indeed, these guys didn’t do anything first–they simply did it better. Every one of them took a latent asset and created incremental utility or value.
So how do you do that? How do you take the dormant assets lying around your office and life and build real value? How do you awaken the innovator in yourself and your team?
Here are 10 simple guideposts to help you get shit done (GSD):

1. The ‘I’ in innovation is (mostly) silent

Innovation is not a solo exercise. Gates, Ellison, Jobs and Zuckerberg each had a cadre of founding supporters who brought their capacity and capability to GSD.
As Frans Johansson documents so well in ‘The Medici Effect,’ a diverse group of people bringing a variety of perspectives to the job produces better results. No one is infinitely capable; you need cross-functional support. Secure it by compelling those you believe in to believe in you and the innovation you’re pursuing.

2. Time is not on your side

The Iron Triangle provides your levers: resources, scope and time. But time is the one lever that rules them all. Know your ability to move these and bear in mind that your ability to move them quickly degrades with time.
Enter in a nascent phase and all variables are fungible. Enter at mature phase and you will find that some are fixed and some are variable. If there is variability, understand your business’s tolerance ranges and ruthlessly live within them.

3. Announce change…then demand it

Make no mistake—if your organization is not creating sufficient value, it needs to change. Probably a lot. Don’t soft-sell it.
Set clear expectations about what you’re going to do and signal the changes that will have to occur. Kill the sacred cows and aggressively re-orient the strategy from maintaining the status quo to making daily incremental progress. This may mean radical changes to the culture and team.
For instance:

• Heinous Amounts of Meetings with No Outcomes or Action –> Standup Meetings with Strong Outcomes and Actions
• Low Individual Accountability –> High Individual Accountability
• Large Teams –> Small, Agile Teams
• Waterfall –> Agile
• Top Down –> Bottom Up
• Go Dark and Experiment and Build For Years –> Rapid Iteration and Prototyping with the Customer
• Isolated From the Customer and Business –> Connected To the Customer and Business

4. “Culture drives great results”

Jack Welch said that, and it should resonate across everything you do. When (re)building culture create one wherein customer focus, open communication, permission, empowerment, humility, innovation, change and fun are celebrated.
PS, don’t feel a need to reinvent the wheel; there are some excellent cultural frameworks for reference:

• Amazon Leadership Principles
• Google Values
• eBay Values
• What Defines Hulu

5. Bring an umbrella

Protect your team from distraction and empower them with resources and permission to do their jobs. One of my employees recently told me, “I see shit raining down all around us, but it never lands on my head–you’re like a gigantic umbrella.
All jokes about my girth and hygiene aside, I took this as a massive compliment.

6. Burst your bubbles

Umbrellas can turn into 360-degree bubbles. And all bubbles burst. What’s intended as an effective way to protect your team from distracting or disruptive externalities (bureaucracy, politics, process, ignorance) may leave a lasting residue on the team inside—and ultimately insulate them from the rest of the company.

7. Failure is an option

Nielsen research suggests that “about two out of every three products are destined to fail.” Are you ready for that? Is your company ready to walk away from a product? Failure is an option that you should acknowledge and prepare for.
On the other hand, success is a byproduct of iteration. Ensure that your business is prepared for iteration and is committed to sustain investment.

8. ABCD

Always Be Continuously Deploying. Ship product. Never stop. You will fail, but the sooner you do fail the sooner you learn more about your customer and the sooner you can correct your trajectory.
Give your team permission to fail, to learn, and to quickly move on. Nothing should matter more to your team and the business than ABCD.

9. Don’t pay lip-service to your customer(s)

Every product has multiple customers: internal and external stakeholders, executive management, the Board, business partners, Wall Street and–most importantly–the end-user. Every one of these customers has unique expectations, timelines and needs.
Know which customer matters when and understand the sequence of their needs. Focusing on the wrong customer at the wrong time will almost certainly put an early end to your innovation.

10. Control Hyde, Jekyll

My mentor at PayPal once pulled me aside and said, “There’s no doubt that you will lead the team to a successful launch. But at the end of the program will you look back and see a trail of dead bodies and wrecked lives–including your own? Or will you see a crowd of supporters looking for you to lead them on to the next challenge?”
Fair warning: the desire to manifest your vision will distort your mindfulness, humor and humanity. Tough decisions are a mandate of any leader, but you must learn to manage the duality that exists in all innovators: an aspirational type-A asshole versus a mindful family member, colleague, manager, mentor and community leader.
With that… stop reading, stand up, look around your office, pick something up (mentally or physically), think about its customer, think about how it can be improved–or, rather, innovated,–and start getting shit done.
copied, originally posted by WEST STRINGFELLOW  Follow
West Stringfellow is the CPO of Bigcommerce.

13 Reasons you are not as successful as you should be

1 – Laziness: I don’t think there is any easy way to put this. I have to assume that you are lazy. Every single successful person works hard to get where they are. It is ok to be lazy, just admit it. But don’t whine about not being rich and successful, ok?
2 – Entitlement: only a few people in the world are part of the lucky sperm club. You and me we got to work to get what we want. Quit thinking you are owed something. You are not. Get to work.
3 – Fear: you are afraid, plain and simple. Afraid of the looking silly. Afraid of what your friends and family will say. Afraid of anything and everything. Look, you are either going to stop being afraid or you are not. Nobody can convince you to stop. Imaging though what awaits you when you stop with the fear excuses?
4 – Negativity: you may not realize it, but the people you associate with might be negative (orifices). They could be soul-sucking beings who want to anyone to be successful. Get rid of them, now! Surround yourself with successful people. People you want to be like.
5 – Stop thinking: how much do you want to bet you have paralysis by analysis? You think too much about what you could or should do. Doers get what they want, and everyone else gets what they get. Stop analyzing and start doing.
6 – No goal: you plan nothing. You believe that someway, somehow, everything you always wanted will just magically happen. So you “play it by ear” and wait. You need goals to shoot for. Otherwise, you are just treading water.
7 – They: there is no “They”. There is no secret group of people that controls your success or failure. You have made that up to make you feel better about yourself. The truth is you and you alone, control your success in life / business / everything. It is easy to blame “them” though, isn’t it? Weak.
8 – No “X” Factor: you can’t do it because you are not pretty enough. Or don’t have the strong personality? You don’t have the “X” factor?  Wow, what an unbelievable excuse. The truth is even jerks, idiots and boring people can be just as any successful as anyone else. Your problem is you don’t believe it yet.
9 – Waste time: you are a classic time-waster. You spend hours and hours every day on not-working. You do thing that are not productive. How are you ever going to get anything done, or reach any goal if you keep wasting time? You are not. So you might as well give up now if you are not going to keep this path.
10 – Social B.S.: you spend way too much time in social media land. You waste probably about 50% of you productive hours of the day doing this, the sad part is, you know it, but you cannot stop, so you cannot get anything done that matters.
11 – You think way too small. You are constantly looking only a day or a week ahead instead of years ahead, because of this, you never get anywhere, and you never lead but always follow.
12 – Do not want it: you really want to be successful. Sure, you like to dream about it like everyone else. But in your heart you are afraid of what might happen if you really get it. That’s B.S. fear your brain is feeding you. Success is change, and it feels really, really good. Tell your brain to shut the (foolishness) up.
13 – Do not believe: yup never believed that it is possible. Society taught you that only a few “exceptional;” people get what they want. Everyone else should just settle. If you really want to believe that, go ahead. The rest of us will be at the front of the line because we believe.

Copied, Originally by Jim F. Kukral

The World’s Most Admired Companies (WMACs): Definition and Properties

Introduction:

Korn Ferry Hay Group, which has conducted the research for the World’s Most Admired Companies list since 1997, Korn ferry Hay Group is a global management consulting firm.[1]
The produced list gets published in the reputable Fortune magazine annually.
The list includes 57 industries, with total of about 1500 companies, assessed upon stringent criteria, the result then presented to a group of about 4000 respondents, which lead to a final score that ranks the companies in the World Most Admired Companies (WMACs).

The criteria

“The world’s most admired companies” is a list compiled by the famous business magazine Fortune and Korn Ferry Hay Group.
The list contains the companies which scores high in nine criteria, namely are:

• Innovation,
• People management,
• Use of corporate assets,
• Social responsibility,
• Quality of management,
• Financial soundness,
• Long-term investment value,
• Quality of products and services,
• Global competitiveness.

The ranking methodology:[2]

• The long-list start with about 1,400 companies: the Fortune 1,000—the 1,000 largest U.S. companies ranked by revenue and non-U.S. companies in Fortune’s Global 500 database with revenue of $10 billion or more.
• Create the 57 industry lists, in order to achieve that Korn Ferry Hay Group asks executives, directors, and analysts to rate companies in their industry on nine criteria, innovation, people management, use of corporate assets, social responsibility, quality of management, financial soundness, long-term investment value, quality of products and services, and global competitiveness
• A company’s score must rank in the top half of its industry survey to be listed.
  1. Because of weak the distribution of responses, only the aggregate industry scores and ranks are published in Energy; Forest and Paper Products; Mining, Crude-Oil Production; Pipelines; Temporary Help; Trading Companies; and Wholesalers: Diversified.
  2. Because of an insufficient response rate, the results for companies in Health Care: Pharmacy and Other Services and Wholesalers: Food and Grocery are not reported.
• Then, Hay Group asked the 3,920 respondents to select the 10 companies they admired most from a list made up of the companies that ranked in the top 25% in last year’s survey, plus those that finished in the top 20% of their industry.

There is take on the ranking, because anyone can vote for any company in any industry, which is why some results may seem anomalous.
For example, Southwest Airlines ranks No. 9 on the overall Most Admired list, far ahead of No. 48 Delta. But within the airline category, based on industry experts’ responses, Delta leads the ranking, and Southwest is the seventh Most Admired company.

The most recent list:

In 2017, Fortune magazine listed the most admired companies as follows: [3]

1. Apple: is an American multinational technology company headquartered in Cupertino, California that designs, develops and sells consumer electronics, computer software and online services.
2. Amazon.com: is an American company electronic company and cloud computing company that was founded on July 5^th, 1994 by Jeff Bezos and is based in Seattle, Washington.
3. Starbucks: is an American company and coffeehouse chain, Starbucks was founded in Seattle, Washington in 1971.
4. Berkshire Hathaway Inc.: is an American multinational conglomerate holding company headquartered in Omaha, Nebraska.
5. Walt Disney Company: is an American diversified multinational mass media and entertainment conglomerate headquartered at the Walt Disney Studios in Burbank, California.
6. Alphabet Inc.: is an American multinational conglomerate founded on October 2^nd, 2015.
   Founded by the two founders of Google, Larry Page and Sergey Brin, with Page serving as CEO and Brin as President.
7. General Electric: often abbreviated as GE, is an American multinational conglomerate corporation incorporated in New York, and Headquartered in Boston, Massachusetts.
   In 2011, GE ranked among the Fortune 500 as the 68^th largest firm in the U.S. by gross revenue, and the 14^th most profitable.
8. Southwest Airlines: is a major U.S. airline, the world’s largest low-cost carrier, headquartered in Dallas, Texas.
   The airline has more than 53,000 employees as of October 2016 and operates more than 3,900 departures a day during peak travel season.

9. Facebook.com: an American for-profit corporation and online social media and social networking services.
10. Microsoft Corporation: an American multinational technology company headquartered in Redmond, Washington.

Bibliography

Business news AE english. (2012, 2 22). The World’s Most Admired Companies List for 2017. Retrieved 26 2, 2017, from Youtube.com: https://www.youtube.com/watch?v=0Hea4Ifl9Ps
Korn Ferry Hay Group. (2015, 7 18). fortune wmac 2014. Retrieved 2 26, 2017, from Korn Ferry Hay Group: http://www.haygroup.com/downloads/us/fortune%20wmac%202014.pdf
[1] http://beta.fortune.com/worlds-most-admired-companies
[2] (Korn Ferry Hay Group, 2015)
[3] (Business news AE english, 2012)

6 CEO productivity tips to steal for yourself

Everyone knows that leading a company is one of the toughest gigs around. Whether running a small business or a multi-national corporation, CEOs have to manage time, resources, and multiple demands while finding the time and head space to make decisions and plot strategiesthat will determine the course of their business.
Which means that they’ve developed some master systems and tricks to maximize their productivity.
So, why can’t we steal a few moves from their playbooks? Whether you aspire to run your own business or want to be more productive at your current job, check out this list of CEO-proven tips that you can apply to any facet of your life. 

1. Take breaks every 90 minutes

Tony Schwartz, president of the Energy Project, suggests taking breaks every 90 minutes to maximize your productivity. The reason? Human bodies have an energy cycle that operates at 90-minute intervals throughout the day. When we’ve been working on something for an hour and a half or longer, it’s natural that our alertness levels will go down and our attention will wander or we’ll feel drowsy (or start checking Twitter or Facebook).
The counterintuitive secret to sustainable great performance is to live like a sprinter. In practice, that means working at your highest intensity in the mornings, for no more than 90 minutes at a time, and then taking a break.
So, the next time your eyes are glazing over, instead of reaching for another cup of coffee, step away from your work for a few minutes instead. You might be surprised how much you’ll get done in the long run.

2. Make yourself uninterruptable sometimes

There’s nothing more frustrating than finally getting into the zone working on a big project — and then being interrupted by a co-worker or boss who drops by your desk. Worse, research showsit can take up to 25 minutes to get back on track after an interruption.
And that’s exactly why Andrew Marsh, CEO of Fifth Column Games, has developed a system to make sure that everyone in his office can work without being interrupted. By placing a “cone of silence” on their desks, employees have a tangible symbol that conveys that they should not be disturbed unless it’s an emergency.
I use the cone of silence when I’m working on a complex project that I need to concentrate on. Being able to focus intensely without interruption is a valuable productivity tool for everyone at Fifth Column Games.
Whether you need to stay focused on intense tasks for a couple of hours a day or you’re working on a big project, using a system that informs people of this will get them into the habit of sending you an email for non-urgent tasks instead of dropping by your desk.

3. Manage your energy, not just your time

You know it’s important to budget your time wisely — but it can actually be more effective to also manage your energy. Our own CEO, The Muse co-founder Kathryn Minshew, is a fan of optimizing her workday by doing her most concentration-intensive tasks during her peak hours, those golden hours when her energy levels are at their highest. Meetings, on the other hand, are something she avoids during these hours and saves for other times in the day.
I find it’s been immensely helpful for me to pay attention to when in the day I’m most productive (what hours, under what conditions) and aggressively guard that time for focused work.
If you’re a morning person, do your most important tasks first thing and save the tedious, mindless tasks for later in the day when your energy is waning. Not sure what your peak hours are? Try energy mapping to find out and make the most of your workday.

4. Don’t be a slave to email

Gina Trapani, founder of ThinkUp, is a fan of checking email only at specific times of the day. Why? Instead of feeling that you have to respond to emails the minute they hit your inbox, you can save time and stay focused by setting a schedule for checking and responding to email (for example, once in the morning and once at the end of the day).
Shut down Outlook, turn off new email notifications on your BlackBerry, do whatever you have to do to muffle the interruption of email.
Depending on your position, this may not feel like an option — especially if your boss or colleagues rely on you for quick responses. But you may be surprised at how supportive people will be about your new productivity strategy when you explain it to them. Tim Ferriss, author ofThe Four Hour Work Week, suggests emailing colleagues to alert them to your new email schedule, explaining that the reason behind it is to increase your productivity, and asking that they call you for urgent matters. You can also set up an autoresponder with a message explaining when you’ll be checking email again and how people can get in touch with you if it’s important in the meantime.

5. Keep your emails short and sweet

CEOs don’t have time for reading novel-length emails — or writing them, either. Andrew Torba, co-founder of Kuhcoon, even goes so far as to sometimes write one word emails and suggests treating your emails as if they have the same 140-character limit of Twitter.
Challenge yourself to think critically and efficiently when connecting via email or any other form of communication.
By keeping emails short and to the point, you’ll not only save a lot of writing time, you’ll also save your co-workers a lot of reading time. If your issue is too complex for a short email, scheduling a brief (5-10 minute) phone call can be much more efficient than a lengthy back-and-forth email exchange.

6. Delegate, delegate, delegate

It’s easy to get overwhelmed by feeling that you have to do everything yourself. Delegating, however, is one of the best ways to manage your time. Passing projects off to other members of the team lightens your load and lets you focus on the projects that you do best. Entrepreneur Daniel Tan Kh takes this one step further, and advises not only delegating the tasks, but really trusting that the new owner will take full responsibility for getting them done.
Delegation is the most important fuel for productivity.
Delegating doesn’t mean trying to get out of doing your work — but if you have too much on your plate, delegating one of your tasks to another member of your team can help devote more attention to your more pressing projects. Don’t have a co-worker who can take on your task?Matt DeCelles, serial entrepreneur, suggests outsourcing your dreaded tasks to a freelancer onFiverr.com.
Tackling your to-do list may sometimes seem impossible, but if you try making these small changes from the masters, you’ll be amazed at how much you can accomplish during your workday.
(copied post)

Which E-Commerce Platform Is The Best Choice For Your Online Store?

Originally: Forbes article by  Haris Bacic , Contributor

When it comes to starting an online store, there are many things to take into consideration. One of the most important parts of the puzzle is which platform to use to power your e-commerce site.
What you are about to read is solely based on experience with  e-commerce platforms.
There are two major categories with e-commerce platforms: hosted and self-hosted. Hosted simply means that the company will host your store, while self-hosted means they will provide you with software, but you have to get your own Web hosting.
For stability purposes, I recommend going with hosted versions because you always have dedicated support and chances of it going down due to hosting are slim to none. The downside of hosted software is that you will have to pay a monthly fee, and sometimes it can be pretty high.

• Hosted

1. Shopify
   Shopify is quickly becoming my favorite e-commerce platform. The user interface of the admin panel is simply gorgeous. Although it has its limitations, there aren’t many things I wasn’t able to accomplish with it.
   
   The biggest downside is the limited ability to change the checkout page.
   
   Although you have some control over it, it is minor. So if you’re trying to design the checkout page to be exactly how you want, Shopify is probably not for you. In fact, none of the hosted solutions will offer customization checkout process so you can jump the the Self-Hosted section right away.
   
   One area where Shopify easily beats is competition is with awesome add-on apps. Just like your smartphone, Shopify has many apps that you can download and install on your store, which extend the default or introduce new functionality. Their entire app process is set up much better than the competition and they have the most available apps, too.
   
   Shopify starts at $29/mo. And if you use their credit card processor, you will only have to pay the standard 2.9 percent + 30 cent rate. If you upgrade to a higher plan, the per-transaction fee is lower.
   
2. Volusion
   Volusion is a similar platform to Shopify, except it is about a hundred times less customizable. It is quite locked down, so you cannot do much with it. For starters, the entire website is generated using just one main template file. If that doesn’t sound silly enough, you also cannot retrieve basic information about store, products, categories, or cart contents needed for many remarketing tracking scripts.
   
   Although their support is responsive, they simply are not helpful most of the time. But perhaps that’s because most of the technical questions I’ve asked were not possible to accomplish in Volusion.
   
   You can get Volusion for as low as $15 per month, which is almost 50 percent cheaper than Shopify, but I wouldn’t recommend them.
    
3. BigCommerce
   BigCommerce is similar to Shopify and Volusion, but I would rank it closer to Volusion than Shopify. Although you can customize it slightly, it still lacks the total control of Shopify. It seems like you can implement Google Trusted Stores and Product Feed with their built-in functionalities, but trying to implement a different system would most likely be out of the question.
   
   One area where BigCommerce is better at than Volusion would be the user interface of the admin panel. It looks a lot cleaner and is much easier to navigate.
   
   BigCommerce starts at $29.95/mo. and with that plan you also have to pay a 1.5 percent transaction fee, in addition to other credit card processing fees. In other words, you could quickly find yourself losing money even while making sales.

The Winner
Out of the three hosted e-commerce platforms, I believe Shopify is without a doubt the best one.

• Self-Hosted

1. Magento
   This is an e-commerce platform that has been around for ages. Perhaps the criticism I am about to unleash on it could be attributed to that.
   
   Although used by a large majority of big e-commerce websites, Magento is a platform I would advice most companies against. There are many reasons for this, but difficulty to customize would be my number one.
   
   The platform is like a giant complex dinosaur that just won’t quit. Yes, it has plenty of features and then some, but the user interface is not friendly at all. It is a classic example of a product designed by engineers and developers who do not really understand what makes a user interface great.
   
   Another big issue many stores face is the terribly slow performance that arise on Magento. There’s many different things to fix the problem, but the fact that you have to specifically fix the issue is a big no-no for me already.
   
   Out of the box, Magento is a slow and sluggish platform and until you spend hours or days messing with caching extensions and settings, you probably won’t be happy with its performance.
   
2. WooCommerce
   Comparing WooCommerce to Magento is difficult because WooCommerce is a WordPress plugin so it depends very much on WordPress. You cannot use WooCommerce without WordPress.
   
   WooCommerce is great because it offers ultimate customization. Anything you can do with WordPress, you can do with WooCommerce. Only WordPress developers will understand what I mean, but using actions, hooks, and filters to make enhancements or changes to functionality is pretty sweet and efficient.
   
   As with anything WordPress, the resources available are endless. You have access to millions of themes and plugins to do exactly what you want. And in the rare scenario where you need something custom, there are many quality developers waiting to work.
   
   Because WooCommerce is a WordPress plugin, you also get all the goodies that come with WordPress.  That means blogging on your e-commerce store comes standard and is all very neatly organized. Compare that with Magento where you have to install a blogging extension just to even start blogging.

The Winner
For me, this is a no-brainer. In 95 percent of cases, I think WooCommerce is a better and safer choice than Magento. Unless you have millions of dollars in your development and maintenance budget, you shouldn’t really touch Magento.

If you use Magento, you will need custom development sooner or later and there’s no way getting around that. In fact, you will probably need a developer on call 24/7 for whenever you want to do any minor change to your store.

The Winners
So who are the ultimate winners here? I would say it is between Shopify and WooCommerce. If you are a big company with lots of products, clients, and traffic, then Shopify is a safer choice to go with because you will have better and more dedicated support.
WooCommerce is perfect for average and smaller stores that just need a store to sell a few things and sell them right!

25 Tips for effective content marketing

General Data Protection Regulation (GDPR): What you need to know to stay compliant

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that does business in Europe needs to know about GDPR.

Companies that collect data on citizens in European Union (EU) countries will need to comply with strict new rules around protecting customer data by May 25. The General Data Protection Regulation (GDPR) is expected to set a new standard for consumer rights regarding their data, but companies will be challenged as they put systems and processes in place to comply.
Compliance will cause some concerns and new expectations of security teams. For example, the GDPR takes a wide view of what constitutes personal identification information. Companies will need the same level of protection for things like an individual’s IP address or cookie data as they do for name, address and Social Security number.

[ Learn how to protect personally identifiable information (PII) under GDPR. | Get the latest from CSO by signing up for our newsletters. ]

The GDPR leaves much to interpretation. It says that companies must provide a “reasonable” level of protection for personal data, for example, but does not define what constitutes “reasonable.” This gives the GDPR governing body a lot of leeway when it comes to assessing fines for data breaches and non-compliance.Time is running out to meet the deadline, so CSO has compiled what any business needs to know about the GDPR, along with advice for meeting its requirements. Many of the requirements do not relate directly to information security, but the processes and system changes needed to comply could affect existing security systems and protocols.

What is the GDPR?

The European Parliament adopted the GDPR in April 2016, replacing an outdated data protection directive from 1995. It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. The GDPR also regulates the exportation of personal data outside the EU.
[Related: -->How to prepare for the approaching General Data Protection Regulation]
The provisions are consistent across all 28 EU member states, which means that companies have just one standard to meet within the EU. However, that standard is quite high and will require most companies to make a large investment to meet and to administer.

[ Prepare to become a Certified Information Security Systems Professional with this comprehensive online course from PluralSight. Now offering a 10-day free trial! ]

According to an Ovum report, about two-thirds of U.S. companies believe that the GDPR will require them to rethink their strategy in Europe. Even more (85 percent) see the GDPR putting them at a competitive disadvantage with European companies.

Why does the GDPR exist?

The short answer to that question is public concern over privacy. Europe in general has long had more stringent rules around how companies use the personal data of its citizens. The GDPR replaces the EU’s Data Protection Directive, which went into effect in 1995. This was well before the internet became the online business hub that it is today. Consequently, the directive is outdated and does not address many ways in which data is stored, collected and transferred today.
How real is the public concern over privacy? It is significant and it grows with every new high-profile data breach. According to the RSA Data Privacy & Security Report, for which RSA surveyed 7,500 consumers in France, Germany, Italy, the UK and the U.S., 80 percent of consumers said lost banking and financial data is a top concern. Lost security information (e.g., passwords) and identity information (e.g., passports or driving license) was cited as a concern of 76 percent of the respondents.
An alarming statistic for companies that deal with consumer data is the 62 percent of the respondents to the RSA report who say they would blame the company for their lost data in the event of a breach, not the hacker. The report’s authors concluded that, “As consumers become better informed, they expect more transparency and responsiveness from the stewards of their data.”
Lack of trust in how companies treat their personal information has led some consumers to take their own countermeasures. According to the report, 41 percent of the respondents said they intentionally falsify data when signing up for services online. Security concerns, a wish to avoid unwanted marketing, or the risk of having their data resold were among their top concerns.

The report also shows that consumers will not easily forgive a company once a breach exposing their personal data occurs. Seventy-two percent of US respondents said they would boycott a company that appeared to disregard the protection of their data. Fifty percent of all respondents said they would be more likely to shop at a company that could prove it takes data protection seriously.“As businesses continue their digital transformations, making greater use of digital assets, services, and big data, they must also be accountable for monitoring and protecting that data on a daily basis,” concluded the report.

What types of privacy data does the GDPR protect?

• Basic identity information such as name, address and ID numbers
• Web data such as location, IP address, cookie data and RFID tags
• Health and genetic data
• Biometric data
• Racial or ethnic data
• Political opinions
• Sexual orientation

Which companies does the GDPR affect?

Any company that stores or processes personal information about EU citizens within EU states must comply with the GDPR, even if they do not have a business presence within the EU. Specific criteria for companies required to comply are:

• A presence in an EU country.
• No presence in the EU, but it processes personal data of European residents.
• More than 250 employees.
• Fewer than 250 employees but its data-processing impacts the rights and freedoms of data subjects, is not occasional, or includes certain types of sensitive personal data. That effectively means almost all companies. A PwC survey showed that 92 percent of U.S. companies consider GDPR a top data protection priority.

A new survey conducted by Propeller Insights and sponsored by Netsparker Ltd. asked executives which industries would be most affected by GDPR. Most (53 percent) saw the technology sector being most impacted followed by online retailers (45 percent), software companies (44 percent), financial services (37 percent), online services/SaaS (34 percent), and retail/consumer packaged goods (33 percent).

When does my company need to be in compliance?

Companies must be able to show compliance by May 25, 2018.

Who within my company will be responsible for compliance?

The GDPR defines several roles that are responsible for ensuring compliance: data controller, data processor and the data protection officer (DPO). The data controller defines how personal data is processed and the purposes for which it is processed. The controller is also responsible for making sure that outside contractors comply.
[Related: -->GDPR requirements raise the global data protection stakes]
Data processors may be the internal groups that maintain and process personal data records or any outsourcing firm that performs all or part of those activities. The GDPR holds processors liable for breaches or non-compliance. It’s possible, then, that both your company and processing partner such as a cloud provider will be liable for penalties even if the fault is entirely on the processing partner.
The GDPR requires the controller and the processor to designate a DPO to oversee data security strategy and GDPR compliance. Companies are required to have a DPO if they process or store large amounts of EU citizen data, process or store special personal data, regularly monitor data subjects, or are a public authority. Some public entities such as law enforcement may be exempt from the DPO requirement.
According to the Propeller Insights survey, 82 percent of responding companies say they already have a DPO on staff, although 77 percent plan to hire a new or replacement DPO prior to the May 25 deadline. That hiring doesn’t stop with the DPO. About 55 percent of the survey’s respondents reported that they had recruited at least six new employees to achieve GDPR compliance.

What will GDPR preparation cost my company?

According to the PwC survey, 68 percent of U.S.-based companies expect to spend $1 million to $10 million to meet GDPR requirements. Another 9 percent expect to spend more than $10 million.
The PwC survey, which was conducted in December 2016, showed that 68 percent of U.S.-based companies expect to spend $1 million to $10 million to meet GDPR requirements. Another 9 percent expect to spend more than $10 million.
As we approach the May 25 deadline, those expectations might have been on the high side. The more recent Propeller Insights survey from March 2018 indicates that most companies will spend less than $1 million. In fact, 36 percent of the respondents said they would spend between $50,000 and $100,000, and 24 percent will spend between $100,000 and $1 million. Only about 10 percent expected to spend more than $1 million.

How does the GDPR affect third-party and customer contracts?

The GDPR places equal liability on data controllers (the organization that owns the data) and data processors (outside organizations that help manage that data). A third-party processor not in compliance means your organization is not in compliance. The new regulation also has strict rules for reporting breaches that everyone in the chain must be able to comply with. Organizations must also inform customers of their rights under GDPR.
What this means is that all existing contracts with processors (e.g., cloud providers, SaaS vendors, or payroll service providers) and customers need to spell out responsibilities. The revised contracts also need to define consistent processes for how data is managed and protected, and how breaches are reported.
“The largest exercise is on the procurement side of the house—your third-party vendors, your sourcing relationships that are processing data on your behalf,” says Mathew Lewis, global head of banking and regulatory practice at legal service provider Axiom. “There’s a whole grouping of vendors that have access to this personal data and GDPR lays out very clearly that you need to ensure that all of those third parties are adhering to GDPR and processing the data accordingly.”
Client contracts also need to reflect the regulatory changes, says Lewis. “Client contracts take a number of different forms, whether they are online click-throughs or formal agreements where you make commitments to how you view, access, and process data.”
Before those contracts can be revised, business leaders, IT, and security teams need to understand how the data is stored and processed and agree on a compliant process for reporting. “A pretty sizable exercise is required by the technology groups, the CISO, and data governance team to understand what data fits within the firm, where it’s being stored or processed, and where it’s being exported outside the company. Once you understand those data flows and the impact on the business, you can start to identify the vendors you need to be most focused on both from an information security perspective, how you manage those relationships going forward, and how you memorialize that in the contract itself,” says Lewis.
The GDPR might also change the mindset of business and security teams toward data. Most companies see their data and the processes they use to mine it as an asset, but that perception will change, says Lewis. “Given GDPR’s explicit consent and firms needing to be much more granular in their understanding of data and data flows, there’s a whole set of liabilities that now exist with the accumulation of data,” says Lewis. “That’s quite a different frame of mind both for legal and compliance, but maybe more important for the way the business thinks about the accumulation and usage of that data and for information security groups and how they think about managing that data.”
“Data is leaving the firm in all kinds of ways,” says Lewis. “While the CISO and the technology groups need to be able to track all of that, you also need to put protection in place.” Those protections need to be spelled out in the contract so the outside firms understand what they can and cannot do with the data.
Lewis notes that by going through the process of defining obligations and responsibilities, it prepares a company to handle GDPR compliance operationally. “If one of your vendors says, ‘You were hacked last night,’ did they know who to call and how to respond as part of meeting the regulatory requirements,” he says.
The 72-hour reporting window that the GDPR requires makes it especially important that vendors know how to properly report a breach. “If a vendor was hacked and you’re one of thousands of clients, do they notify your procurement department or an account person or someone in accounts receivables? It could come in all kinds of ways,” says Lewis.
You want a clearly defined path in the contract for the information to get to the person in your organization responsible for reporting the breach. “A regulator is not going to say you shouldn’t have had a breach. They are going to say you should have had the policies, procedures, and response structure in place to solve for that quickly,” says Lewis.

Larger companies might have thousands of contracts to update. Complicating that challenge is that it needs to be done late in the compliance process. Before you can define responsibilities and responsibilities, you must know exactly what data you have, where and how it is processed, and the data flows. “That’s left a lot of institutions racing toward the deadline trying to complete the technical and operational issues and having to play catch-up on putting the right contract in place to enforce that. A lot of firms have not done any renegotiation of contract terms.”
That begs the question: What happens if the contracts aren’t all in place by the May deadline? Lewis sees several risks to not completing the contracts:

• Operational: If you haven’t agreed on what your processes will be with a vendor, it’s not clear how you will be operating under GDPR.
• Vendor management: Under GDPR, you need to know how your vendors operate including their security framework and how they manage data. Without that knowledge, you don’t know the risk they present.
• Regulatory fines: Lewis notes that the EU is known for its willingness to levy steep fines for regulatory non-compliance. If a breach occurs, not having contracts in place might well work against the company. “Not having a contract is an indication you don’t know what your vendors are doing, and that is a larger management issue about what infrastructure you’re using and how you’re treating the data,” says Lewis. “It gives the regulator an idea of how organized you are and how well you understand your data flows.”

What happens if my company is not in compliance with the GDPR?

The GDPR allows for steep penalties of up to €20 million or 4 percent of global annual turnover, whichever is higher, for non-compliance. According to a report from Ovum, 52 percent of companies believe they will be fined for non-compliance. Management consulting firm Oliver Wyman predicts that the EU could collect as much as $6 billion in fines and penalties in the first year.
If your organization is not in compliance by the May 25 deadline, it will not be alone. Estimates vary, but the consensus is that about half of the U.S. companies that should be compliant will not be on all requirements. According to a survey by Solix Technologies released in December, 22 percent of companies were still unaware that they must comply with GDPR. Thirty-eight percent said that the personal data they process is not protected from misuse and unauthorized access at every stage of its life cycle.
One particularly difficult requirement will be the right to be forgotten, described below. Nearly two-thirds (66 percent) of the Solix survey respondents say they are unsure if they can purge an individual’s personal information forever by deadline.
That leaves a lot of organizations vulnerable to fines. The big unanswered question is how penalties will be assessed. For example, how will fines differ for a breach that has minimal impact on individuals versus one where their exposed PII results in actual damage? The consensus is that the regulators will quickly act on a few companies found to be not in compliance early on to send a message. Then, organizations can make a better assessment of what to expect in the event of a non-compliance finding.
For now, the ability to show a good-faith effort to comply should protect companies from harsh penalties. In a recent speech, Liz Denham, the UK information commissioner, had this to say to organizations concerned about GDPR fines:

“…I hope by now you know that enforcement is a last resort. I have no intention of changing the ICO’s (Information Commission Office’s) proportionate and pragmatic approach after 25^th of May. Hefty fines will be reserved for those organizations that persistently, deliberately or negligently flout the law. Those organizations that self-report, engage with us to resolve issues, and demonstrate an effective accountability arrangement can expect this to be a factor when we consider any regulatory action.”

Which GDPR requirements will affect my company?

The GDPR requirements will force U.S. companies to change the way they process, store, and protect customers’ personal data. For example, companies will be allowed to store and process personal data only when the individual consents and for “no longer than is necessary for the purposes for which the personal data are processed.” Personal data must also be portable from one company to another, and companies must erase personal data upon request.
That last item is also known as the right to be forgotten. There are some exceptions. For example, GDPR does not supersede any legal requirement that an organization maintain certain data. This would include HIPAA health record requirements.
Several requirements will directly affect security teams. One is that companies must be able to provide a “reasonable” level of data protection and privacy to EU citizens. What the GDPR means by “reasonable” is not well defined.
What could be a challenging requirement is that companies must report data breaches to supervisory authorities and individuals affected by a breach within 72 hours of when the breach was detected. Another requirement, performing impact assessments, is intended to help mitigate the risk of breaches by identifying vulnerabilities and how to address them.
For a more complete description of GDPR requirements, see "What are the GDPR requirements?".

What does a successful GDPR project look like?

It’s hard to imagine a company that will be more affected by GDPR than ADP. The company provides cloud-based human capital management (HCM) and business outsourcing services to more than 650,000 companies globally. ADP holds PII for millions of people around the world, and its clients expect the company to be GDPR compliant and to help them do the same. If ADP is found non-compliant with GDPR, it risks not only fines but loss of business from clients expecting ADP to have them covered.
ADP’s global focus and scale in some ways has been an advantage. It already adheres to existing privacy and security regulations, so the leap to GDPR compliance is not as high as it might have been. “We are already familiar with privacy laws in Europe. We are not starting from scratch with GDPR,” says Cecile Georges, chief privacy officer for ADP. “GDPR triggers the need for us to comply not just as a company, but also as a service provider. We help our clients comply with GDPR.”
Despite ADP being better prepared than many other companies, Georges says its GDPR project is large and global. It began about a year ago, but the project builds on earlier work. “We started even before GDPR was discussed,” she says. The company began data flow mapping and privacy assessments on new products several years ago.
Georges sees the early start on data flow mapping as key. “If we had not started the data flow mapping a long time ago, I would be less confident than I am speaking to you now,” she says. “Data flow mapping is required to do inventory of products, and processing PII is a first step to data protection impact assessments that are required. We’ve also implemented privacy by design in our new offers and products.” She adds that ADP supports its “privacy by design” policy with training for its developers.
ADP’s GDPR project pulls in people from many areas of the company, and Georges believes this is necessary for success. “We are involved in the organization, all the operations, and the functional groups. It’s not just a pure privacy or compliance project. It really involves the entire organization and we are coordinating with project managers across the company to make sure we implement the right processes across the organization,” she says.
Mechanisms for securing PII such as encryption are already in place at ADP. “From a security standpoint we came to the conclusion that it’s more about communicating with our clients, making sure they have the right information about what we are doing,” says Georges. “They may have to convey that message to their employees or to their own clients.”
Because ADP is a data processor for other companies, ADP has taken the optional step of defining Binding Corporate Rules around protecting PII. “With the implementation of Binding Corporate Rules as a data processor, we hope that our customers understand that we want to make their lives easier and we commit to protect their personal data in accordance with the standards required in the EU, regardless of where the European data is processed, accessed, or hosted” says Georges.
Georges says she hears from other companies that aren’t yet on track for GDPR compliance. “The clock is starting to tick,” she says. “If a company has not started to look into what they need to do, they first need to understand what it means for them in terms of their business. Understand first to what extent they are affected by the new regulation and then do a gap analysis. That is the starting point of any project to assess what they need to do.
She also encourages companies to take an operational approach. “My recommendation is to have representatives of all the functions in the organization and not consider it a pure privacy or pure legal compliance project,” Georges says. “It would take too much time for operations to understand exactly what they need to do, whereas if you involve them from the beginning they can tell a lawyer or privacy professional, ‘We are already doing this,’ or ‘Technically, we can’t do this, but this is how we can address this requirement.’”
“There are different ways of applying GDPR depending on your business and the tools you have in place. The business people can assess that,” says Georges. “Once they have done the assessment and decided what to do, then they have to document what they are doing.” Georges is referring to the GDPR’s accountability principle, which requires companies to document how they’ve become compliant. “The documentation piece will be key.”

What should my company be doing to prepare for the GDPR?

Set a sense of urgency that comes from top management: Risk management company Marsh stresses the importance of executive leadership in prioritizing cyber preparedness. Compliance with global data hygiene standards is part of that preparedness.
Involve all the stakeholders. IT alone is ill-prepared to meet GDPR requirements. Start a task force that includes marketing, finance, sales, operations—any group within the organization that collects, analyzes, or otherwise makes use of customers’ PII. With representation on a GDPR task force, they can better share information that will be useful to those implementing the technical and procedural changes needed, and they will be better prepared to deal with any impact on their teams.
Conduct a risk assessment: You want to know what data you store and process on EU citizens and understand the risks around it. Remember, the risk assessment must also outline measures taken to mitigate that risk. A key element of this assessment will be to uncover all shadow IT that might be collecting and storing PII. Shadow IT and smaller point solutions represent the greatest risk for non-compliance; ignore them at your own peril.
And there are a lot of them. According to Matt Fisher, IT thought leader and senior vice president at Snow Software, more than 39,000 applications are known to hold personal data. “The iceberg effect poses a serious risk to organizations’ GDPR compliance as many are focused on the 10 percent of applications holding personal data that are visible at the water’s surface,” he says.
Fisher cites the change in how organizations allocate their IT and technology spend, with business units expected to own about half of it by 2020. “As IT teams lose sight of the applications in use across the organization, they lack overarching visibility into the applications that could threaten GDPR compliance,” he says.
“Getting started [on the risk assessment] is the biggest obstacle,” Fisher says. “As a first course of action, organizations must get a full picture of their entire IT infrastructure and inventory all applications in their estates. This, coupled with specific insight about which applications can process personal data, dramatically minimizes the scope of the project as well as the time spent on it. Suddenly, the impossible becomes possible.”
Hire or appoint a DPO: The GDPR does not say whether the DPO needs to be a discrete position, so presumably a company may name someone who already has a similar role to the position as long as that person can ensure the protection of PII with no conflict of interest. Otherwise, you will need to hire a DPO. Depending on the organization, that DPO might not need to be full-time. In that case, a virtual DPO is an option. GDPR rules allow a DPO to work for multiple organizations, so a virtual DPO would be like a consultant who works as needed.
Create a data protection plan: Most companies already have a plan in place, but they will need to review and update it to ensure that it aligns with GDPR requirements.
Don’t forget about mobile: According to a survey of IT and security executives by Lookout, Inc., 64 percent of employees access customer, partner, and employee PII using mobile devices. That creates a unique set of risks for GDPR non-compliance. For example, 81 percent of the survey respondents said that most employees are approved to install personal apps on the devices used for work purposes, even if it’s their own device. If any of those apps access and store PII, they must do so in a GDPR-compliant manner. That’s tough to control, especially when you factor in all the unauthorized apps employees use.
Create a plan to report your GDPR compliance progress: “With the clock ticking, organizations must demonstrate that they are making progress against completing the Record of Processing Activities (RoPA)—article 30 of the GDPR regulation which is centered around taking inventory of risky applications—to avoid being an easy target for regulators,” says Fisher. “Establishing the RoPA, is the essential piece to focus on at this stage in the game as it enables organizations to identify where personal data is being processed, who is processing it and how it is being processed.”
Implement measures to mitigate risk: Once you’ve identified the risks and how to mitigate them, you must put those measures into place. For most companies, that means revising existing risk mitigation measures. “Upon taking inventory of applications and completing the RoPA, the GDPR team can now spot and investigate any risks associated with the data and determine the appropriate level of security deemed necessary to protect that data,” says Fisher.
If your organization is small, ask for help if needed. Smaller companies will be affected by GDPR, some more significantly than others. They may not have the resources needed to meet requirements. Outside resources are available to provide advice and technical experts to help them through the process and minimize internal disruption.
Test incident response plans: The GDPR requires that companies report breaches within 72 hours. How well the response teams minimize the damage will directly affect the company’s risk of fines for the breach. Make sure you can adequately report and respond within the time period.
Set up a process for ongoing assessment: You want to ensure that you remain in compliance, and that will require monitoring and continuous improvement. Some companies are considering incentives and penalties to ensure that employees follow the new policies. According to a survey by Veritas Technologies, 47 percent of respondents will likely add mandatory GDPR policy observances to employee contracts. Twenty-five percent might withhold bonuses or benefits if a GDPR violation occurs, and 34 percent say they will reward employees for complying with GDPR.
Do all of this with an eye to improving your business: According to a survey by Varonis Systems, 74 percent of respondents believe that complying with GDPR requirements will be a competitive advantage. Compliance will boost consumer confidence. More importantly, the technical and process improvements necessary to meet GDPR requirements should enable efficiencies in how organizations manage and secure data.

Originally copied from: https://www.csoonline.com/article/3202771/data-protection/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html