CINXE.COM

Website Security | UCSF Websites

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" version="XHTML+RDFa 1.0" dir="ltr" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:og="http://ogp.me/ns#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:sioc="http://rdfs.org/sioc/ns#" xmlns:sioct="http://rdfs.org/sioc/types#" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#"> <head profile="http://www.w3.org/1999/xhtml/vocab"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="Generator" content="Drupal 7 (http://drupal.org)" /> <link rel="canonical" href="/website-security" /> <link rel="shortlink" href="/node/9896" /> <link rel="shortcut icon" href="https://websites.ucsf.edu/profiles/ucsf_b1gfoot/themes/ucsf_b1gfoot_theme/favicon.ico" type="image/vnd.microsoft.icon" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <meta property="og:image" content="https://websites.ucsf.edu/profiles/ucsf_b1gfoot/themes/ucsf_b1gfoot_theme/img/img-metatag.jpg" /> <meta property="og:image:width" content="940" /> <meta property="twitter:image" content="https://websites.ucsf.edu/profiles/ucsf_b1gfoot/themes/ucsf_b1gfoot_theme/img/img-metatag.jpg" /> <meta property="twitter:card" content="summary" /> <meta property="og:site_name" content="UCSF Websites" /> <meta property="twitter:url" content="https://websites.ucsf.edu/website-security" /> <meta property="og:url" content="https://websites.ucsf.edu/website-security" /> <meta property="twitter:title" content="Website Security | UCSF Websites" /> <meta property="og:title" content="Website Security" /> <title>Website Security | UCSF Websites</title> <link type="text/css" rel="stylesheet" href="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/css/css_kShW4RPmRstZ3SpIC-ZvVGNFVAi0WEMuCnI0ZkYIaFw.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/css/css_skhFl2AhilhxAlHjGa_fTNSPVanaq_LTvzbp87QV8BM.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/css/css_KtV_0W2L1RpBdKj5ObC3CRUchB_iaxUEL8n1_iqwt5o.css" media="all" /> <style type="text/css" media="all"> <!--/*--><![CDATA[/*><!--*/ .cke_toolgroup > .cke_button__quote{display:none}.cke_toolgroup > .cke_button__twocolumn{display:none}.cke_toolgroup > .cke_button__threecolumn{display:none}.cke_toolgroup > .cke_button__featuredcontent{display:none}.cke_toolgroup > .cke_button__collapseitem{display:none} /*]]>*/--> </style> <link type="text/css" rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/hopscotch/0.2.5/css/hopscotch.min.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/css/css_0wq-oSMa1dZUDrswIs--ZE9BmEbEiCxrgJH-DEpoXrI.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/css/css_47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU.css" media="print" /> <style type="text/css" media="all"> <!--/*--><![CDATA[/*><!--*/ h1 a,h2 a,h3 a,h4 a,h5 a,h6 a,#header a,.ucsf-top-header a,.tabs a,fieldset legend a,legend a{text-decoration:none;border-bottom:none;box-shadow:none;}body.sidebar #main .sidebar .region-sidebar > .block-block .content{overflow:visible;}.page-node-626 #main-wrapper .region-content a,.page-node-626 .breadcrumb a{color:#0071ad;text-decoration:underline;text-decoration-skip-ink:auto;text-decoration-skip:ink;border-bottom:none;}.page-node-626 #main-wrapper .region-content a:hover,.page-node-626 .breadcrumb a:hover{text-decoration:none;border-bottom:none;}.page-node-626 #main-wrapper .region-content .bg--interactive-blue a,.page-node-626 .breadcrumb .bg--interactive-blue a,.page-node-626 #main-wrapper .region-content .bg--interactive-teal a,.page-node-626 .breadcrumb .bg--interactive-teal a{color:#fff;text-decoration:underline;border-bottom:0;box-shadow:none;text-shadow:none;}.page-node-626 #main-wrapper .region-content .bg--interactive-blue a:hover,.page-node-626 .breadcrumb .bg--interactive-blue a:hover,.page-node-626 #main-wrapper .region-content .bg--interactive-teal a:hover,.page-node-626 .breadcrumb .bg--interactive-teal a:hover{background:transparent;text-decoration:none;}.page-node-626 #main-wrapper .region-content .bg--interactive-blue a.btn--more--white,.page-node-626 .breadcrumb .bg--interactive-blue a.btn--more--white,.page-node-626 #main-wrapper .region-content .bg--interactive-teal a.btn--more--white,.page-node-626 .breadcrumb .bg--interactive-teal a.btn--more--white{border:1px solid rgba(255,255,255,0.3);}.page-node-636 #main-wrapper .region-content a,.page-node-636 .breadcrumb a{color:#000;background-color:transparent;text-decoration:none;transition:background 0.15s cubic-bezier(0.33,0.66,0.66,1);border-bottom:1px inset #007cbe;box-shadow:inset 0 -1px 0 #007cbe;overflow-wrap:break-word;word-break:break-word;word-wrap:break-word;}.page-node-636 #main-wrapper .region-content a:hover,.page-node-636 .breadcrumb a:hover{background:#e8f4fa;border-bottom:1px solid #e8f4fa;box-shadow:inset 0 -1px 0 #e8f4fa;}.page-node-636 #main-wrapper .region-content .bg--interactive-blue a,.page-node-636 .breadcrumb .bg--interactive-blue a,.page-node-636 #main-wrapper .region-content .bg--interactive-teal a,.page-node-636 .breadcrumb .bg--interactive-teal a{color:#fff;text-decoration:underline;border-bottom:0;box-shadow:none;}.page-node-636 #main-wrapper .region-content .bg--interactive-blue a:hover,.page-node-636 .breadcrumb .bg--interactive-blue a:hover,.page-node-636 #main-wrapper .region-content .bg--interactive-teal a:hover,.page-node-636 .breadcrumb .bg--interactive-teal a:hover{background:transparent;text-decoration:none;}.page-node-636 #main-wrapper .region-content .bg--interactive-blue a.btn--more--white,.page-node-636 .breadcrumb .bg--interactive-blue a.btn--more--white,.page-node-636 #main-wrapper .region-content .bg--interactive-teal a.btn--more--white,.page-node-636 .breadcrumb .bg--interactive-teal a.btn--more--white{border:1px solid rgba(255,255,255,0.3);}.page-node-676 #main-wrapper .region-content a,.page-node-676 .breadcrumb a{color:#000;background-color:transparent;text-decoration:none;transition:background 0.15s cubic-bezier(0.33,0.66,0.66,1);border-bottom:1px solid #007cbe;overflow-wrap:break-word;word-break:break-word;word-wrap:break-word;}.page-node-676 #main-wrapper .region-content a:hover,.page-node-676 .breadcrumb a:hover{background:#e8f4fa;border-bottom:1px solid #e8f4fa;}.page-node-676 #main-wrapper .region-content .bg--interactive-blue a,.page-node-676 .breadcrumb .bg--interactive-blue a,.page-node-676 #main-wrapper .region-content .bg--interactive-teal a,.page-node-676 .breadcrumb .bg--interactive-teal a{color:#fff;text-decoration:underline;border-bottom:0;box-shadow:none;}.page-node-676 #main-wrapper .region-content .bg--interactive-blue a:hover,.page-node-676 .breadcrumb .bg--interactive-blue a:hover,.page-node-676 #main-wrapper .region-content .bg--interactive-teal a:hover,.page-node-676 .breadcrumb .bg--interactive-teal a:hover{background:transparent;text-decoration:none;}.page-node-676 #main-wrapper .region-content .bg--interactive-blue a.btn--more--white,.page-node-676 .breadcrumb .bg--interactive-blue a.btn--more--white,.page-node-676 #main-wrapper .region-content .bg--interactive-teal a.btn--more--white,.page-node-676 .breadcrumb .bg--interactive-teal a.btn--more--white{border:1px solid rgba(255,255,255,0.3);}.page-node-661{font-size:18px;}.page-node-661 .breadcrumb{font-size:14px;font-weight:normal;}.page-node-661 .breadcrumb a{text-decoration:none;border-bottom:1px dashed #0071ad;padding-bottom:0;color:#0071ad;}.page-node-661 .breadcrumb a:hover{border-bottom:1px solid #0071ad;transition:none;}.page-node-661 #footer a{text-decoration:none;border-bottom:1px dashed #fff;padding-bottom:0;}.page-node-661 #footer a:hover{border-bottom:1px solid #fff;transition:none;}.page-node-661 .bg--interactive-blue a,.page-node-661 .bg--interactive-teal a{color:#fff;border-bottom:1px dashed #fff;text-decoration:none;padding-bottom:0;}.page-node-661 .bg--interactive-blue a:hover,.page-node-661 .bg--interactive-teal a:hover{border-bottom:1px solid #fff;text-decoration:none;}.page-node-661 .bg--interactive-blue a.btn--more--white,.page-node-661 .bg--interactive-teal a.btn--more--white{border:1px solid rgba(255,255,255,0.3);padding:5px 20px;}div.node-webform form.webform-client-form div.webform-component-markup p{margin-top:18px;margin-bottom:8px;}div.node-webform form.webform-client-form div.webform-component-markup ul li{position:relative;margin-left:25px;margin-bottom:8px;display:list-item;list-style-type:disc;}div.node-webform form.webform-client-form div.webform-component-markup ul{margin-bottom:20px;}.view-website-az-list .views-summary-unformatted a{display:inline-block;border:1px solid #052049;margin:2px 0px;padding:2px;font-weight:bold;color:white;background-color:#052049;width:1.5em;text-align:center;}.views-row{overflow:auto;padding:50px 0;border-bottom:1px solid #dbdbdb;}.view-content{overflow:auto;}.container{clear:both;overflow:auto;}.container div{float:left;width:150px;overflow:auto;}.container div + div{width:65%;overflow:auto;}#block-views-exp-website-az-list-page .views-exposed-form .form-text{font-size:1.2em;}#block-views-exp-website-az-list-page .views-exposed-form .views-exposed-widget .form-submit{margin-top:0px;}.item-list ul.pager{margin:50px auto;clear:both;}.page-drupal-tutorials hr{margin:1.5em 0 1.5em 0;} /*]]>*/--> </style> <link type="text/css" rel="stylesheet" href="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/css/css_MB_OJmOWZ3q8_itIvibVBCwqx5eIBtmFezuG3FGZPnE.css" media="all" /> <script type="text/javascript" src="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/js/js_Pt6OpwTd6jcHLRIjrE-eSPLWMxWDkcyYrPTIrXDSON0.js"></script> <script type="text/javascript" src="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/js/js_onbE0n0cQY6KTDQtHO_E27UBymFC-RuqypZZ6Zxez-o.js"></script> <script type="text/javascript" src="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/js/js_gHk2gWJ_Qw_jU2qRiUmSl7d8oly1Cx7lQFrqcp3RXcI.js"></script> <script type="text/javascript" src="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/js/js_ROty9TLRT7GvgDUFw_QNzL45vlatntRp6wuC_6otqeQ.js"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/hopscotch/0.2.5/js/hopscotch.min.js"></script> <script type="text/javascript" src="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/js/js_X29AUVcfuG5wHH9ySA6s5LgOAjmkzlakDPpSV6MBBjY.js"></script> <script type="text/javascript" src="https://www.googletagmanager.com/gtag/js?id=UA-174314-31"></script> <script type="text/javascript"> <!--//--><![CDATA[//><!-- window.dataLayer = window.dataLayer || [];function gtag(){dataLayer.push(arguments)};gtag("js", new Date());gtag("set", "developer_id.dMDhkMT", true);gtag("config", "UA-174314-31", {"groups":"default","anonymize_ip":true});gtag("config", "G-YWK55T7MSC", {"groups":"default","anonymize_ip":true}); //--><!]]> </script> <script type="text/javascript"> <!--//--><![CDATA[//><!-- var sliderSecondary ='slider-secondary-no-image';var sliderPrimary ='slider-no-image'; //--><!]]> </script> <script type="text/javascript" src="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/js/js_pBJ9BqqTImG5h6xNRUOzZ4_9dQezvjMt-I7yPp8naQY.js"></script> <script type="text/javascript" src="https://websites.ucsf.edu/sites/websites.ucsf.edu/files/js/js_QQeuJpMVaNOcbJ6HF3pJFdPsqb0L--SFT89e1HBmNhE.js"></script> <script type="text/javascript"> <!--//--><![CDATA[//><!-- jQuery.extend(Drupal.settings, {"basePath":"\/","pathPrefix":"","setHasJsCookie":0,"ajaxPageState":{"theme":"ucsf_b1gfoot_theme","theme_token":"7CDkCzj0c7kKwGkeRzNOMEx-CzVVQQLix9EDOdiDYk4","js":{"sites\/all\/modules\/contrib\/jquery_update\/replace\/jquery\/1.12\/jquery.min.js":1,"misc\/jquery-extend-3.4.0.js":1,"misc\/jquery-html-prefilter-3.5.0-backport.js":1,"misc\/jquery.once.js":1,"misc\/drupal.js":1,"sites\/all\/modules\/contrib\/jquery_update\/js\/jquery_browser.js":1,"misc\/form-single-submit.js":1,"sites\/all\/modules\/contrib\/entityreference\/js\/entityreference.js":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_b1gfoot_admin_menu\/js\/ucsf_b1gfoot_admin_menu.js":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_eds_sitebuilder_profiles\/ucsf_eds_sitebuilder_profiles_tweaks.js":1,"https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/hopscotch\/0.2.5\/js\/hopscotch.min.js":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/y3ti_help\/js\/y3ti_help.js":1,"sites\/all\/modules\/contrib\/google_analytics\/googleanalytics.js":1,"https:\/\/www.googletagmanager.com\/gtag\/js?id=UA-174314-31":1,"0":1,"1":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_b1gfoot_sitewizard\/js\/ucsf_b1gfoot_sitewizard.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/vendor\/slick\/slick.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/vendor\/icheck.min.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/build\/main.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/vendor\/responsive-nav\/responsive-nav.min.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/script.js":1},"css":{"modules\/system\/system.base.css":1,"modules\/system\/system.messages.css":1,"modules\/system\/system.theme.css":1,"sites\/all\/modules\/contrib\/simplenews\/simplenews.css":1,"modules\/comment\/comment.css":1,"sites\/all\/modules\/contrib\/date\/date_repeat_field\/date_repeat_field.css":1,"modules\/field\/theme\/field.css":1,"modules\/node\/node.css":1,"modules\/search\/search.css":1,"modules\/user\/user.css":1,"sites\/all\/modules\/contrib\/views\/css\/views.css":1,"sites\/all\/modules\/contrib\/ckeditor\/css\/ckeditor.css":1,"sites\/all\/modules\/contrib\/ctools\/css\/ctools.css":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_b1gfoot_admin_menu\/css\/ucsf_b1gfoot_admin_menu.css":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_b1gfoot_sitewizard\/css\/ucsf_b1gfoot_sitewizard.css":1,"1":1,"https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/hopscotch\/0.2.5\/css\/hopscotch.min.css":1,"https:\/\/maxcdn.bootstrapcdn.com\/font-awesome\/4.4.0\/css\/font-awesome.min.css":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/vendor\/slick\/slick.css":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/css\/screen.css":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/css\/print.css":1,"0":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/css\/colors\/primary\/primary-grey.css":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/css\/colors\/secondary\/secondary-blue.css":1}},"googleanalytics":{"account":["UA-174314-31","G-YWK55T7MSC"],"trackOutbound":1,"trackMailto":1,"trackDownload":1,"trackDownloadExtensions":"7z|aac|arc|arj|asf|asx|avi|bin|csv|doc(x|m)?|dot(x|m)?|exe|flv|gif|gz|gzip|hqx|jar|jpe?g|js|mp(2|3|4|e?g)|mov(ie)?|msi|msp|pdf|phps|png|ppt(x|m)?|pot(x|m)?|pps(x|m)?|ppam|sld(x|m)?|thmx|qtm?|ra(m|r)?|sea|sit|tar|tgz|torrent|txt|wav|wma|wmv|wpd|xls(x|m|b)?|xlt(x|m)|xlam|xml|z|zip"},"urlIsAjaxTrusted":{"\/website-security":true}}); //--><!]]> </script> </head> <body class="html not-front not-logged-in page-node page-node- page-node-9896 node-type-page slider-secondary ucsf-b1gfoot font--header--granjon slider-secondary-no-image profile--grid sidebar sidebar--right sidebar-color--white" > <div id="skip-link"> <a href="#main-content" class="element-invisible element-focusable">Skip to main content</a> </div> <div id="page-wrapper"> <div id="page"> <div class="ucsf-top-header row-full-width no-logo"> <div class="inside"> <ul class="menu"> <li class="first"><a href="http://www.ucsf.edu">University of California San Francisco</a></li> <li><a href="http://www.ucsfhealth.org/">UCSF Health</a></li> <li><a href="http://www.ucsf.edu/search" title="">Search UCSF</a></li> <li><a href="http://www.ucsf.edu/about">About UCSF</a></li> </ul> </div> </div> <div id="header" class="row-full-width"> <div class="inside clearfix"> <h1 id="site-name"> <a href="/" title="Home" rel="home"> UCSF Websites </a> </h1> <div class="region region-header"> <div id="block-search-form" class="block block-search"> <div class="content"> <form onsubmit="if(this.search_block_form.value==&#039;Search&#039;){ alert(&#039;Please enter a search&#039;); return false; }" action="/website-security" method="post" id="search-block-form" accept-charset="UTF-8"><div><div class="container-inline"> <h2 class="element-invisible">Search form</h2> <div class="form-item form-type-textfield form-item-search-block-form"> <label class="element-invisible" for="edit-search-block-form--2">Search... </label> <input title="Enter the terms you wish to search for." placeholder="Search..." class="text-input fa fa-search form-text" aria-hidden="" type="text" id="edit-search-block-form--2" name="search_block_form" value="" size="40" maxlength="128" /> </div> <div class="form-actions form-wrapper" id="edit-actions"><input type="submit" id="edit-submit" name="op" value="" class="form-submit" /></div><input type="hidden" name="form_build_id" value="form-8SBmT0SdcQ5h5lVUqjJZz8pI93MO3h_U7iLRT7yMhNs" /> <input type="hidden" name="form_id" value="search_block_form" /> </div> </div></form> </div> </div> <div id="block-ucsf-b1gfoot-tweaks-header-socialmedia" class="block block-ucsf-b1gfoot-tweaks"> <div class="content"> <div class="nav-social"></div> </div> </div> <div id="block-menu-block-1" class="block block-menu-block"> <div class="content"> <div class="menu-block-wrapper menu-block-1 menu-name-main-menu parent-mlid-0 menu-level-1"> <ul class="menu"><li class="first expanded menu-mlid-1966"><a href="/checklist-create-website">Get Started</a><ul class="menu"><li class="first leaf menu-mlid-2036"><a href="/checklist-create-website" title="">New Website Checklist</a></li> <li class="leaf menu-mlid-1976"><a href="/quiz-do-i-need-website">Quiz: Do I Need A Website?</a></li> <li class="leaf menu-mlid-2021"><a href="/ucsf-site-builder">UCSF Site Builder</a></li> <li class="leaf has-children menu-mlid-2032"><a href="/custom-built-sites">Custom-Built Sites</a></li> <li class="leaf menu-mlid-3921"><a href="/website-hosting">Website Hosting</a></li> <li class="last leaf menu-mlid-5791"><a href="/consulting-services">Consulting Services</a></li> </ul></li> <li class="expanded active-trail menu-mlid-1981"><a href="/policies-standards" class="active-trail">Policies &amp; Standards</a><ul class="menu"><li class="first leaf menu-mlid-2041"><a href="/policies-standards" title="">Overview &amp; Requirements</a></li> <li class="leaf menu-mlid-4051"><a href="/policies-standards/ucsf-policy-registration-and-use-domain-names">Registration and Use of Domain Names</a></li> <li class="leaf menu-mlid-2046"><a href="/brand-standards">Brand Standards</a></li> <li class="leaf has-children menu-mlid-2051"><a href="/digital-accessibility">Digital Accessibility</a></li> <li class="last leaf active-trail active menu-mlid-12426"><a href="/website-security" class="active-trail active">Website Security</a></li> </ul></li> <li class="leaf menu-mlid-1996"><a href="/showcase">Showcase</a></li> <li class="expanded menu-mlid-2256"><a href="/blog" title="">News &amp; Events</a><ul class="menu"><li class="first leaf menu-mlid-2261"><a href="/blog" title="">News &amp; Announcements</a></li> <li class="last leaf menu-mlid-2061"><a href="/events">Events</a></li> </ul></li> <li class="expanded menu-mlid-2001"><a href="/help">Help</a><ul class="menu"><li class="first leaf menu-mlid-13161"><a href="/training">Training</a></li> <li class="leaf menu-mlid-2016"><a href="/frequently-asked-questions">Frequently Asked Questions</a></li> <li class="leaf menu-mlid-2006"><a href="https://it.ucsf.edu/service/digital-accessibility-program" title="">Accessibility Resources</a></li> <li class="last leaf menu-mlid-9841"><a href="/drupal-tutorials" title="">Tutorials</a></li> </ul></li> <li class="last expanded menu-mlid-8591"><a href="/azlist" title="">A-Z Websites</a><ul class="menu"><li class="first leaf menu-mlid-9836"><a href="/azlist" title="">A-Z Websites List</a></li> <li class="last leaf menu-mlid-9826"><a href="/updating-z-website-list">Updating the A-Z list</a></li> </ul></li> </ul></div> </div> </div> </div> </div> </div> <div id="breadcrumb" class="row-full-width"><div class="inside"><h2 class="element-invisible">You are here</h2><div class="breadcrumb"><a href="/">Home</a> > <a href="/policies-standards">Policies &amp; Standards</a> > <span class="breadcrumb-page-title">Website Security</span></div></div></div> <h1 class="title" id="page-title">Website Security</h1> <div class="content-top"> </div> <div id="main-wrapper"> <div id="main" class="clearfix"> <div id="content" class="column"> <div class="inside"> <a id="main-content"></a> <div class="tabs"></div> <div class="region region-content"> <div id="block-system-main" class="block block-system"> <div class="content"> <div id="node-9896" class="node node-page slider-secondary clearfix" about="/website-security" typeof="sioc:Item foaf:Document"> <span property="dc:title" content="Website Security" class="rdf-meta element-hidden"></span><span property="sioc:num_replies" content="0" datatype="xsd:integer" class="rdf-meta element-hidden"></span> <div class="content"> <div class="field field-name-field-body field-type-text-long field-label-hidden"><div class="field-items"><div class="field-item even"><p>All UCSF websites must meet minimum security standards, as outlined by UCSF Information Technology Services and the University聽of California <a href="https://policy.ucop.edu/doc/7000543/BFB-IS-3">Electronic Information Security Policy</a>. For more information, visit聽<a href="http://it.ucsf.edu/services/application-and-website-security" target="_blank">Application and Website Security</a>聽about vulnerability scanners available.聽</p> <p><strong>For most websites that contain only public data聽your website software must be patched with security updates within 21 days of the patch being released.</strong></p> <p>Should you choose not to use the UCSF Drupal web hosting, you are responsible to put in sufficient controls to mitigate risk.</p> <h2>Best Practices</h2> <ul> <li>Do not share credentials amongst admins and content creators.</li> <li>Create unique logins and passwords for each person that works on your site.</li> <li>Review user accounts for your site on a regular basis. Delete users no longer performing admin聽tasks or creating and editing content.</li> <li>Be cautious of allowing non-authenticated guests聽to submit webforms.</li> <li>Do not allow non-authenticated guests to upload files via webforms.</li> </ul> <h2>UCSF Drupal Template Websites</h2> <p>If you are using the UCSF Drupal Template, then Web Services does the heavy lifting. The聽UCSF Web Services team聽applies聽the Drupal security patches weekly so you don't have to. If you are getting email notifications that a security patch is available for Drupal, you can change the frequency or <a href="https://websites.ucsf.edu/frequently-asked-questions#security%20updates">turn off<b>聽</b>these notifications</a>.</p> <h2>Non-Drupal Websites</h2> <p>If you are not using the聽UCSF Drupal Template or your聽website is being hosted by a non-UCSF聽3rd party hosting company,聽such as SquareSpace, WiX, or DreamHost, security聽is still your responsibility.聽</p> <p>IT Services offers <a href="https://it.ucsf.edu/services/application-and-website-security/netsparker">Netsparker Cloud,</a>聽a self-service web application vulnerability scanner, which is able to find OWASP based web application vulnerabilities such as SQL injection, and cross-site scripting (XSS) within a web application.聽</p> <p>To聽get started, contact the Service Desk at 415-514-4100,聽and submit a request, or email聽<a href="/cdn-cgi/l/email-protection#1a697f796f68736e635a6f79697c347f7e6f" rel="nofollow"><span class="__cf_email__" data-cfemail="8bf8eee8fef9e2fff2cbfee8f8eda5eeeffe">[email&#160;protected]</span></a>.</p> </div></div></div> </div> </div> </div> </div> </div> </div> </div> <div id="sidebar" class="column"> <div class="sidebar_top"> <div class="region region-sidebar-top"> <div id="block-menu-block-2" class="block block-menu-block"> <h3><a href="/policies-standards" class="active-trail">Policies &amp; Standards</a></h3> <div class="content"> <div class="menu-block-wrapper menu-block-2 menu-name-main-menu parent-mlid-0 menu-level-2"> <ul class="menu"><li class="first leaf menu-mlid-2041"><a href="/policies-standards" title="">Overview &amp; Requirements</a></li> <li class="leaf menu-mlid-4051"><a href="/policies-standards/ucsf-policy-registration-and-use-domain-names">Registration and Use of Domain Names</a></li> <li class="leaf menu-mlid-2046"><a href="/brand-standards">Brand Standards</a></li> <li class="expanded menu-mlid-2051"><a href="/digital-accessibility">Digital Accessibility</a><ul class="menu"><li class="first leaf menu-mlid-5776"><a href="/siteimprove">Siteimprove</a></li> <li class="leaf menu-mlid-6266"><a href="/accessibility-complaint-investigation-and-resolution-process">Accessibility Complaint Investigation and Resolution Process</a></li> <li class="last leaf menu-mlid-6271"><a href="/accessibility-governing-policies-and-ucsf-standards">Accessibility Governing Policies and UCSF Standards</a></li> </ul></li> <li class="last leaf active-trail active menu-mlid-12426"><a href="/website-security" class="active-trail active">Website Security</a></li> </ul></div> </div> </div> </div> </div> </div> </div></div> <div id="footer"> <div class="section"> <div class="region region-footer"> <div id="block-block-31" class="block block-block"> <div class="content"> <p>Is there additional information on UCSF websites that would be helpful to you? Send us feedback at <a href="/cdn-cgi/l/email-protection#ceb9abacbdabbcb8a7adabbd8ebbadbda8e0abaabb"><span class="__cf_email__" data-cfemail="c9beacabbaacbbbfa0aaacba89bcaabaafe7acadbc">[email&#160;protected]</span></a>.</p> </div> </div> </div> <div class="footer-bottom"> <nav aria-label="Footer Navigation" class="footer--navigation"> <ul> <li><a href="/consulting-services">Contact Us</a></li> <li><a href="https://websites.ucsf.edu/digital-accessibility">Accessibility</a></li> <li><a href="https://www.ucsf.edu/website-privacy-policy">Privacy Policy</a></li> <li><a href="https://websites.ucsf.edu/website-terms-use">Terms of Use </a></li> <li><a href="https://websites.ucsf.edu/azlist">A-Z Website List</a></li> </ul> </nav> <div class="footer--copyright"> <p>&copy; 2024 The Regents of the University of California</p> </div> </div> </div> </div> </div> </div> <script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script><script type="text/javascript"> /*<![CDATA[*/ (function() { var sz = document.createElement('script'); sz.type = 'text/javascript'; sz.async = true; sz.src = '//siteimproveanalytics.com/js/siteanalyze_8343.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(sz, s); })(); /*]]>*/ </script> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10