Site Managers can do their part to ensure that users' confidential information is protected when they fill out webforms.
Don't ask for SIN, financial information
Asking users to provide the following information via a WMS form is absolutely verboten:
- credit card numbers
- debit card numbers
- social insurance numbers
- social security numbers
Any forms that have collected such information will be immediately flagged and shut down.
Furthermore, any database backups containing credit card information will be deleted.
Since backups contain more than one WMS site, deletion will not just affect the site where the form originated. Multiple sites may find their ability to have their databases restored compromised.
Don't show user credentials
Anonymous forms that ask users to enter the following information will also be flagged but not shut down:
- McGill ID
Site Administrators will be notified so they can ensure that the form is authenticated (i.e., requires users to login) and these fields are removed.
If McGill IDs and usernames are required to verify a user's identity, the fields should be modified to use tokens so this information can be saved in the submission records so long as Site Managers exclude these fields from webform emails.
Webform best practices
- Authenticate, authenticate, authenticate
Most security issues can be averted simply by asking users to login. Just uncheck anonymous user under SUBMISSION ACCESS in the Form Settings.
You can also further restrict your form by making it available only to certain roles or user groups:
- McGill Staff and Faculty
- McGill Casual Staff
- McGill Affiliate
- McGill Student
- McGill Undergraduate Student
- McGill Academic Staff
- All Faculty and Staff
- Don't create a spam portal
Anonymous forms should not send confirmation messages that reference any text entered by users. Such fields should be unchecked under INCLUDED E-MAIL VALUES under settings for E-mails.
Confirmation emails from anonymous forms should be restricted to simple thank you messages. These can also be forgone in favour of a Confirmation message that appears only on the form - which can be configured under Form settings > SUBMISSION SETTINGS.
- Protecting Anonymous forms
If your form has to remain anonymous in order to accept submissions from persons who do not have McGill credentials, there are certain measures you can take to prevent or reduce spam submissions.
Even when anonymous, a user's IP address is collected whenever a form is submitted. This means that you can use the Per user submission limit under the Form settings to foil spambots.
Though set to unlimited by default, you can specify the number of submissions allowed for a given period of time.
- Backup your webform submissions
We ask Site Managers to backup webform submissions before their staging sites can go live. However, this can also be done routinely to preserve submissions in case something happens to the form.
Just go to the RESULTS tab and click on Download in order to save submissions either as Delimited text or as Microsoft Excel files.
- Be cautious with files
If you are using a File field, make sure that your form is authenticated.
You should also set which types of files can be uploaded. Note that some file types are more likely to contain malicious code than others (e.g., word files versus PDFs). Never, ever accept .exe files.
Lastly, make sure that you scan files that you download from form submissions before opening them.
Learn more about Webform security
An in-depth workshop on webform security will be conducted by the Web Service Group. Register early by filling out this form.