WiscWeb - NetID page protection
WiscWeb offers a simple option for protecting pages with NetID. However, there are considerations and limitations for its use. Additionally, users must request that this be activated on a site and must provide a draft of the content to be protected.
Overview
NetID page protection requires users to log in with their NetID to view a specific page. After reading through the considerations, limitations, and finalizing your page draft, send a request to the WiscWeb team to have this activated on a page.
Considerations
- Media (PDFs, images, etc.) placed within your protected pages will not be protected.
- If a user has the URL for the media, they can still get to the file.
- The only way to protect media is to upload it to UW Box and link out to it.
- Protected pages may not appear in Google Analytics by default.
- This option only limits access to everyone with a NetID; it will not integrate with a Manifest Group at this time.
- Users who navigate to a protected page will be required to authenticate with NetID even if they are already signed in to WiscWeb.
Limitations
- Intended for 1-2 pages on a site, not an entire site
- i.e., This is not a solution for intranet sites
- Requests to have this applied to multiple pages of the site will be denied
- Only applies to Pages
- Can only be set by a member of the WiscWeb team (via a request)
- Cannot be applied to front page/homepage
- Cannot contain sensitive or restricted data
Basic NetID protection policy
- Users must have the page created and in draft before requesting the protection
- This allows the WiscWeb team to confirm the page does not contain any sensitive or restricted data
- WiscWeb is not secured to host sensitive/restricted data (see policy: WiscWeb - Sensitive, restricted, and internal data policy)
- This allows the WiscWeb team to confirm the page does not contain any sensitive or restricted data
- If any sensitive or restricted data is suspected, WiscWeb will send a request to the DoIT Cybersecurity team to review and confirm
- This can delay the process
- Cybersecurity may reach out to your team with any additional or follow-up questions about the content
- WiscWeb will only add the option to the page once Cybersecurity has confirmed that no sensitive or restricted data is included
- If sensitive or restricted data is added at a later date, the WiscWeb team will take down the page and remove the protections
To request a protected page
- Create a page, add your content to it, and save it as a draft (why?)
- Submit a NetID protection request through our Customer Support Form
- Under topic area, choose "NetID Page Protection Request"
- WiscWeb will review the content of your page to confirm it isn’t suspected to include sensitive or restricted data per the information above
- Once confirmed, a member of the WiscWeb team will add the NetID protection to the page
- You will be contacted once the protection is in place
FAQ
- Why must I provide a draft of the page?
- In our initial discovery around this feature, there were some questions around the content needing to be protected. In a few cases, the requests were to protect content that was considered sensitive/restricted. Our service cannot host sensitive/restricted data. By providing a draft of the content to be protected, we can ensure the content is safe to host within our service.
- In our initial discovery around this feature, there were some questions around the content needing to be protected. In a few cases, the requests were to protect content that was considered sensitive/restricted. Our service cannot host sensitive/restricted data. By providing a draft of the content to be protected, we can ensure the content is safe to host within our service.
- Why aren't you offering the option to integrate with Manifest Groups?
- At this time, the option is to have pages open to the public or open to all NetIDs. Offering an integration with something like Manifest is more nuanced and requires additional testing and configuration.
- At this time, the option is to have pages open to the public or open to all NetIDs. Offering an integration with something like Manifest is more nuanced and requires additional testing and configuration.
- Why can't I use this on the homepage of my site?
- This option is intended for 1-2 interior pages of your site. It is not intended to be used as an option for providing an intranet website that is locked down at the root. Therefore, we do not allow for the homepage to be protected.
- This option is intended for 1-2 interior pages of your site. It is not intended to be used as an option for providing an intranet website that is locked down at the root. Therefore, we do not allow for the homepage to be protected.
- If it's locked down, why can't I include sensitive/restricted data?
- Please review our documentation on our sensitive/restricted data policy to learn more about why this isn't allowed: WiscWeb - Sensitive, restricted, and internal data policy