wealthvilla.blogg.se - Web confidential checklist

#Web confidential checklist update

Privacy and security policies and guidelines Webforms and security: Three things worth repeating.

Create Forms in the Web Management System.If linking to information in a cloud service, adhere to instructions in McGill's Cloud Directive which describes when and where you can process, transmit and store McGill data Name Email Contact Number What are you looking for help with Checkbox.Limit data collection for analytics and user research to interactions around links, buttons and page elements only.If authentication is required on McGill websites, it should be performed using one of our preferred Single Sign On (SSO) methods, such as SAML, with McGill’s central identity provider.Use McGill usernames and passwords for authentication on McGill websites and systems (where possible).

#Web confidential checklist update

Update website access permissions accordingly when your web team members change roles, leave your department or leave the university.

Delete/decommission websites when they become inactive and/or are no longer of value.

Ensure your site has a designated sponsor/asset steward.

If you become aware of unsafe practices or vulnerabilities, notify IT Security.

on Research web pages, do not list student participants

Do not identify student names without their written consent, e.g. Review of Contract / Online Terms of Use If the information level is restricted, confidential, or protected, then the contract / online terms of use must be.

Do not display or email people's confidential information (unless it's using McGill's official email).

use secure formats and platforms like https, adhere to recommendations for building secure webforms) Create secure webpages and webforms that properly protect users' personal data (e.g.Visit McGill’s cybersecurity website Secure your journey for additional tools and resources. Christopher Manfredi, Provost and Vice-Principal Academic, describes the responsibility of all academics to uphold McGill's information security 4.1.2 Fingerprint Web Server 4.1.3 Review Webserver Metafiles for Information Leakage 4.1.4 Enumerate Applications on Webserver 4.1.5 Review Webpage Content for Information Leakage 4.1.6 Identify Application Entry Points 4.1.