Built-In Security Features for Catalog Sites
July 21, 2022
When publishing any content online, security should be a top concern for your institution. Here at Clean Catalog, we not only adhere to best security practices, but frequently release new security updates to protect against the evolving cyber threats online. Check out a few of the security features we build into every site, giving you and your staff peace of mind.
HTTPS Connections
All Clean Catalog sites automatically use secure HTTPS connections by default. This ensures that all data is securely transmitted between your site and its users while protecting against MitM attacks. In short, HTTPS ensures your catalog site is secure and prevents sensitive information from being hacked. This protects not only your institution on the backend, but also the students and users who access the frontend of your catalog site. Your Clean Catalog site will be SSL certified during the buildout phase, ensuring your catalog is secure from the moment it launches.
Granular Permissions for Editors
Staff accounts on any service can be a big security vulnerability — you never know what sort of password hygiene different people will have. Even if an individual staff account gets compromised, though, we limit the harm that can be done by restricting user permissions. If, for example, a math instructor's account was compromised, someone could log in, edit a math course, and then get their changes rejected before they were published; the damage someone could do is extremely limited. They couldn't view user accounts, directly publish edits, or access anything in the database or site code.
Optional Single Sign On
With Clean Catalog, your staff will enjoy our secure single sign-on feature. This allows your staff to login with a single ID to both the backend of your catalog site and any other pre-existing software system you may have in place. For example, your staff can login to your catalog site using the same login credentials they use for your Learning Management System (LMS). By integrating with other API systems, employees will only be required to log in once to access all admin pages without being required to reenter authentication factors.
Optional Two-Factor Authentication
Two-factor authentication is often a great way to ensure account security, and we can enable it upon request for any sites.
Avoid Storing Unnecessary Data
One of the most important things we do for security is that, whenever possible, we avoid storing confidential data. In most cases, a course catalog site will contain information that's public — the content for your catalog — and we generally avoid having anything beyond that. Even if we're doing an SIS integration, there's no reason for us to access staff or student ID numbers, staff information beyond editor email addresses, or any of that.
This doesn't mean we don't have security features in place — our security is best in class — but it ensures that in the unlikely event of a security breach on your catalog site, the worst that happens is (for example) that someone gets a sneak peek at next year's catalog.
Regular Security Updates
We regularly release security updates to keep catalogs up-to-date and protected against ever-evolving modern security threats. Your staff won’t have to lift a finger, as these updates are automatically applied with no downtime to your catalog site. Our team also constantly monitors for any suspicious activity so that we can quickly respond to any security issues that may arise.
When you choose Clean Catalog software for your catalog or curriculum site, you will never have to worry about security breaches or unsecure data. Your site will be built securely from the ground-up so that neither your data nor users are vulnerable to cyber attacks. If you’d like to learn more about the security features we have in place, don’t hesitate to reach out to us.