Security Issues
Missouri State acknowledges that its functions may require a certain level of privacy and protection, and it strives to provide a reasonably safe computing environment.
For complete information, please see the information technology policies. Below is a brief overview of how the security requirements affect web developers:
Protecting data and records
Websites that contain personally identifiable educational records, closed records, or personal information are required to use password protection, encryption and secure storage.
- Students have a right, however, to refuse the designation of this information as directory information.
- Any information that is unsecured can be found and accessed through the use of a search engine.
Password protection
Password protection requires the web user to enter a BearPass login and password before any content is shown.
Encryption
Missouri State secures its websites through secure socket layer (SSL). All centrally hosted websites, including those published from Omni CMS, are protected.
Secure storage
- Web forms that collect personal confidential information, such as social security, credit/debit card or bank account numbers must store their submissions in a database. Email is not an acceptable method for processing form submissions.
- Web developers or those with access to privileged information should never share their password.
Disclosure and publishing guidelines
Closed records and personally identifiable educational records should never be published to a public or insecure site.