Section 5.4.3 Security Convention
Security in the context of Content preparation
refers to ensuring that Content is secure from interference whilst being
transmitted between Server and Web browser.
The Murdoch Security Convention to be practiced in the
preparation of Content includes:
- Determining
the intended audience prior to hosting Content on a Server
- Confirming
that the Server to be used to host or provide access to Content can offer
the level of security required.
In complying with the Code of Conduct Section 3.1.3 Appropriate Access to Content for End-Users, a Content Custodian,
or in their absence a Web Liaison Officer, or a Content Provider, shall
determine the intended audience for Content. If the Content is of a personal,
sensitive, or confidential nature, or involves a financial transaction, they
shall
- liaise
with a Web Administrator to ensure that the Content is either hosted on,
or accessed by a Secure Server (SSL)
- advise
end-users that data encryption is used, and
- advise
end-users of any known Web browser version requirements to ensure that
they can successfully interact with a Secure Server to retrieve the
information or service offered.
As search engines may index restricted Content and
potentially display details in an index entry that are not intended to be
viewed beyond the intended audience, it is recommended that Content Providers
seek advice re the use of a Secure Server for hosting Content of a sensitive or
confidential nature. If there is any uncertainty as to whether Content that has
restricted access will still be indexed via external search engines, then the
Content should be accessed via an intranet solution.
|
