¿´Æ¬ÊÓƵ

Webform Security: Protecting user data

Confidential user information should be safeguarded by everyone
Image by https://www.flickr.com/photos/fluffymuppet/.

Site Managers canÌýdo their partÌýtoÌýensure that users' confidential information is protected when they fill out webforms.

Don't ask for financial information

AskingÌýusers to provide the following information via a WMS formÌýis absolutely verboten:

  • credit card numbers
  • debit card numbers

Any forms that have collected such information will be immediately flagged and shut down.

Furthermore, any database backupsÌýcontaining credit card informationÌýwill be deleted.Ìý

Since backups contain more than oneÌýWMS site, deletionÌýwill not justÌýaffect the site where the form originated. Multiple sites may find their abilityÌýto have their databases restored compromised.

Anyone who collects credit card information in an unsecure and unauthorized mannerÌýmay be found in violation of financial confidentiality laws and expose themselves to legal liability.
If you need to collect payment, please get in touch with Financial Services
.


Don't show user credentials

Anonymous forms that ask users to enter the following informationÌýwill also be flagged but not shut down:

  • ¿´Æ¬ÊÓƵ ID
  • password
  • username

Site AdministratorsÌýwill be notified so they can ensure that the form is authenticatedÌý(i.e., requires users to login) and these fields are removed.

If ¿´Æ¬ÊÓƵ IDs and usernames are required to verify a user's identity, the fields should be modified to use tokens so this information can be saved in the submission records.


Webform best practices

  1. Authenticate, authenticate, authenticate
    Most security issues can be averted simply by asking users to login. Just uncheck anonymous user under SUBMISSION ACCESS in the Form Settings.

    You can also further restrict your form by making it available only to certain roles or user groups:
    • ¿´Æ¬ÊÓƵ Staff and Faculty
    • ¿´Æ¬ÊÓƵ Casual Staff
    • ¿´Æ¬ÊÓƵ Affiliate
    • ¿´Æ¬ÊÓƵ Student
    • ¿´Æ¬ÊÓƵ Undergraduate Student
    • ¿´Æ¬ÊÓƵ Academic Staff
    • All Faculty and Staff
  2. Don't create a spam portal
    Anonymous forms should not send confirmation messages that reference any text entered by users. Such fields should be unchecked under INCLUDED E-MAIL VALUES under settings for E-mails.
    Included email values
    Image by Lee-Yan Marquez.

    Confirmation emailsÌýfromÌýanonymous formsÌýshould be restricted toÌýsimpleÌýthank you messages. TheseÌýcan also beÌýforgone in favour of aÌýConfirmation messageÌýthat appears only on the form - which can beÌýconfigured underÌýForm settings > SUBMISSION SETTINGS.
  3. Protecting Anonymous forms
    If your form has to remain anonymous in order to accept submissions from persons who do not have ¿´Æ¬ÊÓƵ credentials, there are certain measures you can take to prevent or reduce spam submissions.

    Even when anonymous, a user's IP address is collected whenever a form is submitted. This means that you can use the Per user submission limit under the Form settings to foil spambots.

    Though set to unlimited by default, you can specify the number of submissions allowed for a given period of time.
    Per user submission limit settings
    Image by Lee-Yan Marquez.
  4. Backup your webform submissions
    Webform submissions can be stored on the WMS for only 40 days, at which point they automatically expire. Site managers should download their Webform submissions routinely.Ìý

    Just go to the RESULTS tab and click on Download in order to save submissions either as Delimited text or as Microsoft Excel files.
  5. Be cautious with files
    If you are using a File field, make sure that your form is authenticated.

    You should also set which types of files can be uploaded. NoteÌýthat some file types are more likely to contain malicious code than others (e.g., word files versus PDFs). Never, ever accept .exe files.
    Allowed file extensions
    Image by Lee-Yan Marquez.

    Lastly, makeÌýsure that you scan filesÌýthat you download from form submissions before opening them.Ìý

This article was updated August 30, 2020


Related content:

Back to top