Portal User Group Meeting May 14, 2008
Agenda Updates CT.gov Template Redesigns CT.gov 2.0 Involvement Form Vulnerabilities Accessibility Policy Changes Reminders
Updates Migration Status WebTrends RFP Stock Photos Streaming Video
Migration Status Update Completed96 In Progress7 Queue0 On Hold7
WebTrends Update WebTrends Replacement Bid produced no responses WebTrends Professional Services are expected to be scheduled for the week of May 27 th WebTrends will be removed from servers and re-installed new Profiles will be re-analyzed from scratch
RFP Update RFP is complete RFP has not been released due to budget considerations Decision is expected by late June
Stock Photos Update IStockPhoto ( Graphics can only be downloaded by PMG Agencies can browse photos online Finite number of photos; Agencies are limited to 5 per year per site
Stock Photo Update - Restrictions Photos from IStockPhoto.com are for web use only Photos cannot be stored on a shared drive Credit must be given for photos Follow all copyright rules and laws
Streaming Video Internal Streaming Video is available Procedures are in development External Streaming Video will be hosted by a vendor –DOIT-10 is in process currently
CT.gov Template Redesign – Why A Version 3? V2 Templates experienced unforeseen issues Graphic Designer was not on staff when V2 was developed We took a vote among the agencies that requested V2 and majority went with V3
CT.gov Template Redesign – New Look and Feel Greater freedom of expression for Agencies Opportunity to clean up sites, reduce Home Page links During conversion to V3 templates, Agencies will work closely with Graphic Designer to keep “family” look, while still maintaining their own identity
CT.gov Template Redesign – V3 Templates Two different layouts –Left Nav –Top Nav ncept_L1.htmhttp://vvv.dir.ct.gov/doit/PUGM_051408/co ncept_L1.htm Governor launched new site today using a variation of the new template (
CT.gov Template Redesign – Header (Banner) Ideas Option 1 –Header/Banner will use the same image for all State Agencies Option 2 –Header/Banner will be customizable by Agency (Standard Banners will be available if desired) Site Poll is available on CPI –Log in to access this area –Partners Portal User Group Meetings –Poll is on Left Nav at the bottom
CT.gov 2.0 Initiative Features/Latest News Navigation Content Creation of Work Groups
CT.gov 2.0 Initiative – Taxonomy/Navigation Issues –Over 5 years old. Needs to be completely redone –Could use navigation based on user group (G2C, G2B, etc) –Existing links may be out of date –Some links are too many levels down. Try to limit to 3 levels before getting to actual content.
CT.gov 2.0 Initiative – Features/News Items Issues –Content is not updated frequently enough –No dedicated resource to manage –There have been no new features added –Site needs to be more innovative
CT.gov 2.0 Initiative – Content Issues –No new content is being created –Existing content is not being updated
CT.gov 2.0 Involvement – Work Groups CT.gov Portal Work Group Phase 1 –Revise site navigation and content –Develop procedures to keep agencies involved in updating process –Review statistics on how the current taxonomy is working. Is it effective? Phase 2 –Train agencies on new procedures –Set ongoing communication plan to keep agencies involved Strategic Planning Work Group Determine what agencies should be focusing on to make sites better Benchmark with other states and determine our strengths and weaknesses Develop plan to assist agencies to reach goals
Web Forms Design Security Best Practices Mark Reynolds DOIT Security Division
Form Vulnerabilities – Agenda Security Issues Scrubbing Forms Input Denial of Service Protection Mechanisms Malicious Injection Data Validation
Form Vulnerabilities – Security Issues –If user-supplied data is not sufficiently sanitized, local and remote users may be able to execute arbitrary commands on the HTTP server with the privileges of the httpd daemon. They may then be able to compromise the HTTP server and under certain configurations gain privileged access.
Form Vulnerabilities – Security Issues Malicious HTML Tags Embedded in Client Web Requests –A web site may inadvertently include malicious HTML tags or script in a dynamically generated page based on unvalidated input from untrustworthy sources. This can be a problem when input is not validated to prevent malicious HTML from being presented to the user.
Proposed Revision to the State of Connecticut Web Site Accessibility Policy Kathleen Anderson
Accessibility Policy Changes – Communications posted to ct-access Listserv: sed_revision.html Draft of Revised Policy – Version 5: _draft_policy.doc
Accessibility Policy Changes – Differences Between Section 508 and WCAG 1.0 If a web site is WCAG A-Compliant and its author wants to be Section 508 compliant as well, these are the five standards he must address additionally. These are paragraphs (l), (m), (n), (o), and (p).
Accessibility Policy Changes – L (l) When pages utilize scripting languages to display content, or to create interface elements, the information provided by the script shall be identified with functional text that can be read by assistive technology.
Accessibility Policy Changes – M (m) When a web page requires that an applet, plug-in or other application be present on the client system to interpret page content, the page must provide a link to a plug-in or applet that complies with § (a) through (l).
Accessibility Policy Changes – N (n) When electronic forms are designed to be completed on-line, the form shall allow people using assistive technology to access the information, field elements, and functionality required for completion and submission of the form, including all directions and cues.
Accessibility Policy Changes – O (o) A method shall be provided that permits users to skip repetitive navigation links.
Accessibility Policy Changes – P (p) When a timed response is required, the user shall be alerted and given sufficient time to indicate more time is required.
Accessibility Policy Changes – Training Resources Jim Thatcher HTML Writers Guild: Introduction to Designing Accessible Websites bilitydesign.html On-site training if requested
Accessibility Policy Changes – For More Info Accessibility Web Site: Accessibility Listserv (ct-access): Kathleen Anderson (860) or
Reminders Use IMPACT and Help Desk –Better Service –Tracking Capabilities Copying Word documents directly into DSF –Use WordPad or NotePad Images –Images must be uploaded before they can be inserted into the content page –ClipArt images must be saved separately from the Word document to upload
Reminders – Next Meetings Next Portal User Group Meetings are currently scheduled as follows: –Wednesday, July 9, 2008 –Wednesday, October 1, 2008 –Wednesday, December 10, 2008 CPI Calendar (
Open Discussion
Thank You