Skip to content

Commit 37bf91e

Browse files
author
Sean Kibbee
committed
Unify security page and rework workstreams impact layout
1 parent 63de2ab commit 37bf91e

4 files changed

Lines changed: 145 additions & 36 deletions

File tree

docs/security.html

Lines changed: 107 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66
<title>Security Center | LotusLift</title>
77
<meta
88
name="description"
9-
content="Security center for LotusLift enablement hackathon: safeguards overview and detailed data policy."
9+
content="Unified security policy for LotusLift: executive overview first, full data and engineering controls below."
1010
/>
1111
<link rel="preconnect" href="https://fonts.googleapis.com" />
1212
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
@@ -32,47 +32,126 @@
3232

3333
<main class="layout">
3434
<section class="page-head reveal">
35-
<p class="eyebrow">Security Center</p>
36-
<h1>Security And Data Governance</h1>
35+
<p class="eyebrow">Unified Security</p>
36+
<h1>Security Overview And Full Policy</h1>
3737
<p>
38-
Central hub for program-level security posture, practical safeguard controls, and detailed data handling policy.
38+
One page for leadership and delivery teams: executive security summary at the top, followed by complete controls
39+
for data, code, access, and operational practices.
3940
</p>
4041
</section>
4142

42-
<section class="cards reveal delay-1">
43-
<article class="card">
44-
<h2>Security Overview</h2>
45-
<p>
46-
High-level controls, governance model, and operational checks for day-to-day execution and leadership review.
47-
</p>
48-
<a href="safeguards.html">Open Security Overview</a>
43+
<section class="spotlight-grid reveal delay-1">
44+
<article class="card spotlight">
45+
<h2>Executive Summary</h2>
46+
<ul class="clean-list">
47+
<li>No private, protected, or production data in this repository</li>
48+
<li>Human review is mandatory before every commit and merge</li>
49+
<li>Security covers more than data: identity, code quality, and operations</li>
50+
</ul>
4951
</article>
50-
<article class="card">
51-
<h2>Data Safeguards Policy</h2>
52+
<article class="card spotlight">
53+
<h2>Control Intent</h2>
5254
<p>
53-
Full policy text with allowed/prohibited content rules, commit checklist, and response guidance.
55+
Keep modernization velocity high while preventing data leakage, unsafe code promotion, and accidental
56+
exposure of sensitive enterprise details.
5457
</p>
55-
<a href="data-safeguards.html">Open Data Safeguards Policy</a>
5658
</article>
5759
</section>
5860

59-
<section class="spotlight-grid">
60-
<article class="card spotlight reveal delay-2">
61-
<h2>Core Guardrails</h2>
61+
<section class="method-divider reveal delay-2" aria-label="Security policy divider">
62+
<p class="eyebrow">Detailed Controls</p>
63+
<h2>Full Security Policy</h2>
64+
<p>Everything below is the operational policy teams follow during this enablement hackathon.</p>
65+
</section>
66+
67+
<section class="cards reveal delay-2">
68+
<article class="card">
69+
<h3>Data Handling Rules</h3>
6270
<ul class="clean-list">
63-
<li>No private, protected, or production data in this repository</li>
64-
<li>Only anonymized screenshots and dummy datasets are allowed</li>
65-
<li>Human review required before every commit and merge</li>
71+
<li>Allowed: anonymized screenshots, schema metadata, and dummy/randomized data</li>
72+
<li>Prohibited: production exports, personal identifiers, credentials, internal endpoints/IPs</li>
73+
<li>All screenshots must be redacted before commit</li>
6674
</ul>
6775
</article>
68-
<article class="card spotlight reveal delay-3">
69-
<h2>Why It Matters</h2>
70-
<p>
71-
Strong safeguards protect trust while letting DTB teams move faster with AI-assisted modernization and reduced
72-
technical debt.
73-
</p>
74-
<a href="method.html">See Delivery Method</a>
76+
<article class="card">
77+
<h3>Identity And Access Controls</h3>
78+
<ul class="clean-list">
79+
<li>Least-privilege access for repository and deployment roles</li>
80+
<li>No shared credentials; no secrets in code, docs, or screenshots</li>
81+
<li>Rotate and revoke immediately if exposure is suspected</li>
82+
</ul>
83+
</article>
84+
<article class="card">
85+
<h3>Code And Supply Chain Controls</h3>
86+
<ul class="clean-list">
87+
<li>Human-reviewed AI output only; no blind copy-and-merge</li>
88+
<li>Dependency and license checks before promotion</li>
89+
<li>Favor maintainable patterns over one-off generated code</li>
90+
</ul>
91+
</article>
92+
</section>
93+
94+
<section class="timeline" aria-label="Security execution checklist">
95+
<article class="timeline-item reveal delay-1">
96+
<span class="phase-id">01</span>
97+
<div>
98+
<h2>Pre-Commit Review</h2>
99+
<p>Verify no sensitive data, secrets, internal infrastructure details, or unredacted screenshots are staged.</p>
100+
</div>
101+
</article>
102+
<article class="timeline-item reveal delay-2">
103+
<span class="phase-id">02</span>
104+
<div>
105+
<h2>Quality And Safety Gate</h2>
106+
<p>Confirm generated code is correct, secure, test-backed, and aligned to team coding standards.</p>
107+
</div>
75108
</article>
109+
<article class="timeline-item reveal delay-3">
110+
<span class="phase-id">03</span>
111+
<div>
112+
<h2>Response Process</h2>
113+
<p>If sensitive content is found: notify owners immediately, remove exposure from history, rotate credentials,
114+
and document corrective action.</p>
115+
</div>
116+
</article>
117+
</section>
118+
119+
<section class="doc-content reveal delay-2" aria-label="Detailed data policy">
120+
<h2>Detailed Data Policy</h2>
121+
<table>
122+
<thead>
123+
<tr>
124+
<th>Category</th>
125+
<th>Allowed</th>
126+
<th>Not Allowed</th>
127+
</tr>
128+
</thead>
129+
<tbody>
130+
<tr>
131+
<td>Application Artifacts</td>
132+
<td>Anonymized screenshots and workflow descriptions</td>
133+
<td>Unredacted screens containing names, emails, IDs, or case details</td>
134+
</tr>
135+
<tr>
136+
<td>Data Content</td>
137+
<td>Dummy datasets and synthetic records</td>
138+
<td>Production or user-originated records</td>
139+
</tr>
140+
<tr>
141+
<td>Infrastructure Details</td>
142+
<td>Generic architecture patterns</td>
143+
<td>Internal hostnames, IP ranges, tenant secrets, private endpoints</td>
144+
</tr>
145+
<tr>
146+
<td>Credentials</td>
147+
<td>Secret placeholders and mocked values</td>
148+
<td>API keys, passwords, tokens, or live certificates</td>
149+
</tr>
150+
</tbody>
151+
</table>
152+
<p>
153+
This consolidated page is the source of truth for security execution in this repository.
154+
</p>
76155
</section>
77156
</main>
78157

docs/site.css

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -311,6 +311,12 @@ h2 {
311311
align-items: stretch;
312312
}
313313

314+
.app-grid {
315+
margin-top: 1.6rem;
316+
padding-top: 1rem;
317+
border-top: 2px dashed rgba(15, 111, 168, 0.3);
318+
}
319+
314320
.card,
315321
.app-card {
316322
padding: 1rem;
@@ -485,6 +491,23 @@ h2 {
485491
border-top: 2px dashed rgba(15, 111, 168, 0.36);
486492
}
487493

494+
.phase-banner {
495+
margin-top: 1.35rem;
496+
border: 1px solid var(--line);
497+
border-radius: 16px;
498+
background: linear-gradient(135deg, rgba(15, 111, 168, 0.14), rgba(241, 143, 59, 0.12));
499+
box-shadow: var(--shadow);
500+
padding: 1.05rem 1.15rem;
501+
}
502+
503+
.phase-banner h2 {
504+
margin-top: 0.35rem;
505+
}
506+
507+
.phase-banner p:last-child {
508+
margin-bottom: 0;
509+
}
510+
488511
.phase-id {
489512
font-family: "IBM Plex Mono", monospace;
490513
font-weight: 600;

docs/site.js

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ const appTracks = [
77
outputs: ["Context package", "Workflow inventory", "Validated baseline"],
88
links: [
99
{ label: "Method Phase", href: "method.html#phase-discovery" },
10-
{ label: "Data Controls", href: "security.html" },
10+
{ label: "Detailed Method", href: "methodology.html" },
1111
],
1212
},
1313
{
@@ -40,7 +40,7 @@ const appTracks = [
4040
outputs: ["Refactored modules", "Validation tests", "Reusable AI prompt patterns"],
4141
links: [
4242
{ label: "Method Phase", href: "method.html#phase-execute" },
43-
{ label: "Security Checks", href: "safeguards.html" },
43+
{ label: "Execution Guide", href: "methodology.html" },
4444
],
4545
},
4646
];

docs/workstreams.html

Lines changed: 13 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -39,23 +39,30 @@ <h1>Delivery Workstreams</h1>
3939

4040
<section class="spotlight-grid">
4141
<article class="card spotlight reveal delay-1">
42-
<h2>How To Read This View</h2>
42+
<h2>How To Use This Page</h2>
4343
<ul class="clean-list">
4444
<li>Each card maps directly to a method phase</li>
4545
<li>Pill labels define how AI and DTB engineers partner in that phase</li>
46-
<li>Links point to phase-specific references and controls</li>
46+
<li>Links point to phase-specific execution guidance</li>
4747
</ul>
4848
</article>
4949
<article class="card spotlight reveal delay-2">
50-
<h2>Governance Built In</h2>
50+
<h2>Why This Is Impactful</h2>
5151
<p>
52-
Every workstream runs with anonymized inputs, human verification gates, and reusable patterns that reduce
53-
technical debt across modernization efforts.
52+
This model turns one modernization effort into a repeatable operating system for DTB teams: faster execution,
53+
lower rework, and reusable delivery patterns.
5454
</p>
55-
<a href="security.html">Review Security Center</a>
5655
</article>
5756
</section>
5857

58+
<section class="phase-banner reveal delay-2" aria-label="Workstream impact statement">
59+
<p class="eyebrow">Method-Aligned Delivery</p>
60+
<h2>One Framework, Four High-Confidence Execution Phases</h2>
61+
<p>
62+
Teams move in a clear sequence from discovery to execution, with measurable outputs and explicit ownership in every phase.
63+
</p>
64+
</section>
65+
5966
<section class="app-grid" id="appGrid" aria-live="polite"></section>
6067
</main>
6168

0 commit comments

Comments
 (0)