Maintaining public sites, Web sites designed to market, promote or share information about divisions/colleges/schools/programs/departments, on a departmental server requires attention to the following:
Security — Security is a vital part of maintaining public sites on one's own server. Departments with Web servers must take care to meet all requirements described in university information security policies. In addition, if requested, information systems will provide technical assistance with a department’s security needs. Some specific security procedures a department may want to consider include:
- Running a firewall.
- Updating security, operating system, Web server and application patches regularly.
- Running virus-scanning software at all times.
- Frequent monitoring of site information to verify that inappropriate changes have not been made.
- Frequent monitoring of system logs, executables and other vulnerable files to verify that inappropriate changes have not been made.
- Minimizing logins and other system-level access to the extent possible.
- Changing all system passwords at least quarterly.
- Staying abreast of latest security threats and taking prompt action to protect against them.
Maintenance of Server — Those departments that opt to host a Web site on an independent server must assign a designee to periodically visit the Web site to confirm that the server is operational and take corrective action if something has failed.