You are now in the main content area
Web Content Security Protocol
- Related Documents: Website Standards & Guidelines Framework; Abandoned websites protocols; Website deletion protocols
- Unit Responsible: Digital Publishing, Computing and Communications Services (CCS)
- Updated: 04-15-2025
I. Purpose
To ensure the security and integrity of the university's digital presence, Computing and Communications Services (CCS) reserves the right to modify, unpublish, or remove content that poses a security risk.
II. Scope
This protocol applies to all websites and digital content hosted within the university’s Web Content Management System (CMS), Adobe Experience Manager (AEM).
III. Criteria for Action:
The Digital Publishing (DP) team in CCS may intervene in the following circumstances:
- The content contains vulnerabilities that could be exploited (e.g., outdated or insecure scripts, exposed sensitive information, etc.).
- The content includes links to malicious websites or unauthorized third-party services.
- The content violates university cybersecurity controls or standards.
- The content facilitates phishing, fraud, or other cyber threats.
IV. Process:
- When a security risk is identified, the DP team will attempt to contact the content owner to request immediate remediation.
- If the risk is critical, the DP team may take immediate action to mitigate the threat before notifying the content owner.
- Any modifications made by the team will be communicated to the content owner along with recommendations for long-term resolution.
This protocol ensures the safety of university users and data while maintaining transparency with content owners. Questions or concerns about this protocol can be directed to Digital Publishing, CCS.
