From 6efd311b3531e48a1327e4b5ad8a75219129e91a Mon Sep 17 00:00:00 2001 From: Greg Gershman Date: Wed, 13 Aug 2014 22:18:02 -0400 Subject: [PATCH] Add SSL to security/privacy play. --- _includes/play11.md | 1 + 1 file changed, 1 insertion(+) diff --git a/_includes/play11.md b/_includes/play11.md index eadac5a1..80fa0ba5 100644 --- a/_includes/play11.md +++ b/_includes/play11.md @@ -13,6 +13,7 @@ The following checklist provides a starting point, but teams should work closely 4. Consider whether the user should be able to access, delete, or remove their information from the service 5. “Pre-certify” the hosting infrastructure used for the project using FedRAMP 6. Use deployment scripts to ensure configuration of production environment remains consistent and controllable +7. Encrypt all user communications with your site with SSL by default. #### key questions - Does the service collect personal information from the user (whether government or public)? How is the user notified of this collection?