
GDPR and EA Commissioning a web site Part 6 of 8

Sixth of eight decks written to provide overview guidance of the way the web works for small to medium sized enterprises who are considering commissioning a web site for the first time. This deck introduces the idea that a web site is "not just for Christmas" and once set live, arguably, the work begins. Search engine optimisation (SEO) and cookie management and some of their associated legal issues are introduced.

  1. The Organisation As A System. The Performance Organisers. Structured Coherent Design. Commissioning a Web Site Part Six – Now you have a site, how do you use it? The introduction slide deck video can be downloaded here. This slide deck can be downloaded from: http://www.jitsoftware.co.uk/training/websitecse/webexploit.pptx The preceding video on web page writing can be downloaded here.
  2. The Performance Organisers http://www.jitsoftware.co.uk Commissioning a Web Site – Now how do you use it?
  3. About the Author: • Allen Woods, recently retired. • Ex British Army (1971 – 1995) Taught Arctic Warfare, Several Years On Operations, Funded Himself through College to Study IT • Chartered Member of the British Computer Society for 20 years • Member of the Chartered Status Interview Panel for BCS • In 2010, Finalist of UK “Developer Of The Year” Competition for HSIS • Primarily Employed in UK Defence Supply Chain and Logistics IT since 1995 until 2019 • Credits: MoD Health and Safety Information System, Various Internal to Defence P&G Portals, CATMIS, IQB Oversight to Defence Voyager Programme IM Transformation • Home Domain: http://www.jitsoftware.co.uk/portal/
  4. Now it starts…
  5. [Diagram: Your Organisation Boundary / The Organisation Boundary. Labels: Client 1, Client 2, Client 3, Server room, Internet Service Provider, External Client, Technical Legal Consultancy, Content Manager]
  6. As Ever… Security
  7. Security issues to consider: SAAS and external code (<!--#include file="http://www.anotherdomain/a folder/abitofcode.js" -->); the seduction of “free” and “simple”; SSL/TLS Certificate
  8. Learn about your web management utilities and consoles
  9. Security policy should include: • IIS Configuration Settings. • Response Headers (as per securityheaders.com advice) • Role profiles. • Web site password policy • Records of processing activity • Data Protection Impact Assessment (DPIA) • Source code back up policy • And more besides… It is reasonable to expect your site developer to be able to advise on these issues. Not forgetting regular reviews.
  10. Web Cataloguing
  11. Data Centers…
  12. Regular cataloguing cycles. Not forgetting that not everything crawling the web is benign. [Diagram labels: ISP, Tech Support, Content Manager]
  13. Search Engine Optimisation (SEO)
  14. Some Observations • There isn’t just one search engine • Some key web promotion capabilities are not search engines anyway • Search Engine Optimisation is now closely aligned as part of business models to “cost per click” type advertising • “cost per click” tends to mean the more you can pay, the more frequently your site will appear in search results • Search for “SEO Techniques” • SEO does not come “out of the box”, it requires work. • Many SEO techniques require traffic sharing as part of the deal. Don’t forget liabilities of accountability.
  15. Optimise your content to facilitate cataloguing

      ```html
      <%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
      <html xmlns="http://www.w3.org/1999/xhtml">
      <head>
      <!-- Meta tags read by crawlers when the page is catalogued -->
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
      <meta name="description" content="A sample Hello World web page to illustrate some of the factors to consider when building a simple web site" />
      <!-- noindex, nofollow asks crawlers not to index this page or follow its links -->
      <meta name="robots" content="noindex, nofollow" />
      <meta name="revisit-after" content="30 days" />
      <meta name="copyright" content="All site content copyright The Performance Organisers" />
      <meta name="keywords" content="separate, keywords, and phrases, with a comma" />
      <title>Hello World Basic Page</title>
      <style type="text/css">
      .tabletitle {
        font-family: Arial, Helvetica, sans-serif;
        font-size: 24px;
        color: #006;
        height: 26px;
        font-style: normal;
        font-weight: bold;
        text-align: center;
      }
      </style>
      <script language="JavaScript" type="text/JavaScript">
      // Show a message when the text is clicked
      function showalert() {
        alert("You clicked the text");
      }
      </script>
      </head>
      <body>
      <span class="tabletitle" onclick="showalert()">Hello World. we've added a bit of code now! Click the text</span>
      </body>
      </html>
      ```
  16. Cookies
  17. Cookies: what are they? “Cookies” are small files or browser specific database entries which are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next.
  18. Cookies: how are they written? A cookie is basically a string of text characters not longer than 4 KB. Cookies are set in name=value pairs, separated by semi-colons. For example, a cookie might be a string like the following: "theme=blue; max-age=60; path=/; domain=thesitewizard.com"
  19. Cookies and the organisation boundary: Extending the organisation boundary. Controller/Processor Relationships. SAAS and external code (<!--#include file="http://www.anotherdomain/a folder/abitofcode.js" -->). The seduction of “free” and “simple”.
  20. Cookies: where are they stored? To find out where cookies are stored you will need to consult your browser documentation. If you run or use more than one browser, then there is likely to be more than one cookie location. Anything else? Cookies can be used to provide a means to share information across multiple organisations.
  21. Cookies and the Law: The use of cookies is governed by legislation: the Privacy and Electronic Communications Regulations (PECR), with, for the UK, Information Commissioner advice and guidance on cookie use available here. The PECR is going to be replaced by the ePrivacy Regulation (ePR). <!--#include file="http://www.anotherdomain/a folder/abitofcode.js" --> The operating principle is one of consent, but consent per use of each cookie. Bear in mind that some components and SAAS applications may drop any number of cookies, for any period of time, regardless of your privacy statements.
  22. Cookies and their use, advice: If you do not need them after careful consideration, do not use them.
  23. Components
  24. Types or classes of “component”: Templates; Code Libraries; Software as a service
  25. A Case study: Live but unnamed web site
  26. <!--#include file="http://www.anotherdomain/a folder/abitofcode.js" --> Internet Service Provider. Possible Routing…
  27. Just “Google Analytics”… Your sensitive visitor details are being tracked by Google…
  28. So, an alternative? No cookies, no external code, no third party components hosted by another domain. The Portal
  29. OK – How do I monitor all this? Some free to use tools: F12 – View Source (or browser equivalent); Baycloud; Security Headers; Web Page Testing; OWASP Security tools; The EU Information Providers Guide. There will be many more. It's your risk, your responsibility. Take advice.
  30. Reading List: The Personal Trainer IIS 8 Administration; Learn Search Engine Optimisation; The EU Information Providers Guide; The French Data Protection Authority (CNIL); The UK Data Protection Authority (ICO); The European Information Security Summit; UK National Cyber Security Centre
  31. Monitor and Manage: License terms; Terms and Conditions of Use – Particularly Liabilities and Indemnification; Nature of service delivery – who is processing what?; Nature of monitoring – Beacons, cookies, bots; Transfer of data – PII, other sensitive data; Contract terms – BCRs, possible need for European “presence”; Change control; Site ranking; Content; And more besides. A web site is not just for Christmas.
  32. http://www.jitsoftware.co.uk Tel: +44 07780 568449 Email: allenwoods@jit-software.com Skype: apw808
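
The checks behind slides 18, 21 and 28 (how a cookie string is written, components that drop cookies, and the "no external code" alternative), as an added example that is not part of the original deck: a Python script that lists the resources a page loads from other domains and parses cookie strings of the form shown on slide 18. The site host, sample HTML, cookie strings and the `review_after_seconds` threshold are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tags whose URL attribute makes the visitor's browser contact a host.
RESOURCE_ATTRS = {"script": "src", "iframe": "src", "img": "src", "link": "href"}

class ExternalResourceFinder(HTMLParser):
    """Collects (tag, host) for every resource not served by site_host."""
    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.external = []

    def handle_starttag(self, tag, attrs):
        url = dict(attrs).get(RESOURCE_ATTRS.get(tag, ""))
        host = (urlparse(url or "").hostname or "").lower()  # "" if relative
        if host and host != self.site_host:
            self.external.append((tag, host))

def find_external_resources(html, site_host):
    finder = ExternalResourceFinder(site_host)
    finder.feed(html)
    return finder.external

def parse_cookie(text):
    """Split 'name=value; attr=value; flag' into the pair and its attributes."""
    first, *rest = [p.strip() for p in text.split(";") if p.strip()]
    name, _, value = first.partition("=")
    attrs = {k.strip().lower(): v.strip()
             for k, _, v in (p.partition("=") for p in rest)}
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}

def cookie_findings(text, site_host, review_after_seconds=86400):
    """Questions to raise about one cookie (the threshold is an assumption)."""
    attrs = parse_cookie(text)["attrs"]
    findings = []
    domain = attrs.get("domain", "").lstrip(".").lower()
    if domain and site_host != domain and not site_host.endswith("." + domain):
        findings.append("set for another domain: " + domain)
    if attrs.get("max-age", "").isdigit() and int(attrs["max-age"]) > review_after_seconds:
        findings.append("lifetime over review threshold")
    if "secure" not in attrs:
        findings.append("no Secure attribute")
    return findings

# Constructed sample page (not taken from a real site).
SAMPLE_HTML = """<html><head>
<script src="https://analytics.example.net/tag.js"></script>
<link rel="stylesheet" href="/css/site.css">
</head><body><img src="//cdn.example.net/logo.png"><img src="/img/a.png"></body></html>"""
```

Feed it the page source from "View Source" and the cookie strings your browser's developer tools show for the page; each external host it reports is a party to ask about under "who is processing what?".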
