HTTPS: The web application is accessible only via HTTPS, the industry standard for secure websites.
Two-Factor Authentication: Each user must have a strong password. In future releases, the Sign In protocol will be replaced by two-factor authentication.
Roles: Role-based permissions will be assigned to users according to their role at the university or college: Site Administrator, University Administrator, Chief Enrollment Officer, Chief Retention Officer, and/or Recruiter. Amazon’s Identity and Access Management (IAM) service controls access, enforces protections, and provides granular control over a large number of account users.
Logging activity: User activity will be logged or recorded and documented.
- Student file names will be “obfuscated” by a random sequence of characters (GUID) while in storage.
- Access to file storage will be managed by application or user roles. Access will be reinforced in future releases by token-based security and additional security policies.
Token-based security means that a special character sequence must be added to a URL in order to open it. Access is also limited by the user’s IP address.
Data Isolation. Application instances (the server or virtual host) are independent of any other account.
Encryption. The database instance will use encryption and won’t be accessible from the Internet.
Development. The application development process included Quality Assurance checks and security checks on “staging” instances before deployment to production.
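A sketch of how GUID storage names and an IP-bound URL token can fit together; this is an added example, not the application's own code. The HMAC-SHA256 construction, the expiry parameter, the key, the host name and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import uuid
from urllib.parse import parse_qs, urlencode, urlparse

DEMO_KEY = b"constructed-demo-key"  # assumption: server-side secret, never sent to clients


def storage_name() -> str:
    """Random GUID used as the stored file name instead of the student's file name."""
    return uuid.uuid4().hex


def _token(key: bytes, name: str, client_ip: str, expires: int) -> str:
    # Bind the token to the object, the requesting IP and an expiry time.
    msg = f"{name}|{client_ip}|{expires}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def sign_url(base: str, name: str, client_ip: str, expires: int, key: bytes = DEMO_KEY) -> str:
    query = urlencode({"expires": expires, "token": _token(key, name, client_ip, expires)})
    return f"{base}/{name}?{query}"


def verify_url(url: str, client_ip: str, now: int, key: bytes = DEMO_KEY) -> bool:
    parsed = urlparse(url)
    params = parse_qs(parsed.query)
    try:
        expires = int(params["expires"][0])
        presented = params["token"][0]
    except (KeyError, ValueError):
        return False  # missing or malformed parameters: deny
    if now > expires:
        return False  # expired link
    name = parsed.path.rsplit("/", 1)[-1]
    expected = _token(key, name, client_ip, expires)
    # Constant-time comparison avoids leaking how much of the token matched.
    return hmac.compare_digest(expected.encode(), presented.encode())


if __name__ == "__main__":
    # Constructed sample values (documentation IP ranges, reserved test host).
    name = storage_name()
    url = sign_url("https://files.example.test", name, "203.0.113.7", expires=1_700_000_600)
    print(url)
    print(verify_url(url, "203.0.113.7", now=1_700_000_000))   # same IP, not expired
    print(verify_url(url, "198.51.100.9", now=1_700_000_000))  # different IP
```

The GUID alone only hides the original file name; the server-side token check is what decides whether a request is allowed.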