The Open Berkeley managed website program includes website security for all individual websites, as well as the overall platform. The Web Platform Services team follows best practices for website security, which includes diligent monitoring of Drupal security releases(link is external) and timely deployment of security updates.
Authentication
If you are seeing this page after logging in via CalNet to any Open Berkeley website, please contact the owner of that site for more information.
Logging in to sites on the Open Berkeley platform requires the appropriate CalNet affiliation. If a user is having CalNet authentication issues, they should contact the appropriate site owner (and/or their own department) to check their CalNet affiliation. The site owner can check with the Web Platform Services team if they have questions about managing or assigning roles, but any individual user should consult the site owner directly.
Website Security and the Open Berkeley Platform
Any new feature is carefully evaluated for security, and additional embedding (beyond built-in widget types) of iframes, scripts, and third-party products is not allowed, in order to prevent any inclusion of insecure code.
Additionally, all Open Berkeley websites are hosted on Pantheon(link is external), an external hosting partner that provides enterprise-grade security(link is external).
If you have any questions about the security of your website and/or the Open Berkeley platform, please email web-platform@berkeley.edu(link sends e-mail).