When you create a web form, your respondents' trust and security should be your number one concern. To help you build trust and boost security, the FormAssembly team conducted a class outlining the most important principles of web form security. The class began with a series of three emails and concluded with a webinar. You can find the class lessons and the videos below.
This guide's purpose is to help you understand and apply best practices for web form security. You can also use our FormAssembly Web Security Checklist to determine whether your web form meets the security standards outlined here.
When you ask your customers to fill out a form on your website, you are asking for a certain degree of trust. They are providing you with personal information, and by filling out your form, they are trusting you to handle their data in a safe and secure manner. In order to maintain this trust, and to ensure the security of your customers' data, there are several things to keep in mind.
When people open your form, it's important that they recognize it as part of your organization. Since they are providing you with personal information, there should be no doubt in their mind about who you are. The look and feel of your web form should always be consistent with your website, with the same logos, style, and design. You can use the FormAssembly Theme Editor to customize your form.
Your form should include contact information so that your respondents can reach you. If you've embedded your form, your contact information may appear in the footer of your site; however, if not, you'll want to make sure to add that information to the form. For forms hosted on FormAssembly, you can update your public contact information (under My Account > Contact Information > Public Contact Information), which will appear at the bottom of your form through the Need Assistance? link.
Encryption and Types of Data
Encryption is the process of scrambling data so that it is unreadable to anyone who does not hold the key; for a web form, the browser and the server are the parties that hold the keys. With SSL, you increase your form's security and help your customers feel more comfortable, especially when they are submitting sensitive or personal information.
If your website does not have an SSL certificate, you can direct respondents to the FormAssembly link to complete the form.
It's also important to note that once you save a FormAssembly form, it is automatically available through the public link (found on the form's publishing page). If you would like your forms to be behind an added layer of authentication, so that only people in your organization with the correct credentials can access the form, you might consider one of our four authentication options, which are available at the enterprise level:
- SAML Authentication
- CAS Authentication
- LDAP Authentication
- Salesforce Communities Authentication
Types of Data
Depending on the types of data you collect, a variety of laws may apply to your form. It's always important to make sure that you collect only the types of data that you actually need.
When building a form, it is incredibly important to adhere to all applicable laws concerned with collecting and storing electronic data. PCI (Payment Card Industry) compliance governs the collection and use of credit card data.
You MUST collect credit card information through a PCI-compliant provider such as PayPal or Authorize.Net. FormAssembly is PCI DSS certified and meets the standards for PCI Compliance Level 1, which has the strictest requirements. We also offer integrations with PayPal, Stripe, CyberSource, Freshbooks, Authorize.Net, Chargent, and iATS Payments.
Please note that you cannot use the HTTP connector to process payment information.
HIPAA and ePHI Compliance
Special laws govern the collection of electronic protected health information (ePHI). In general, the content of the collected data is less important than who collects it and how it is handled. Since FormAssembly is now HIPAA compliant, you can collect ePHI, so long as you are a member of our Compliance Cloud plan.
If you want to create a completely anonymous survey, simply leaving out a respondent's name and personal information is not enough: the location of the computer can still be determined by the user's IP address. Enterprise users can enable the IP Anonymization feature, which replaces the last half of the respondent's IP address with zeros. This guarantees that the IP address cannot be used to identify an individual computer or user.
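The zeroing step described above, as an added example that is not FormAssembly's own code: the last half of the address (16 of 32 bits for IPv4, 64 of 128 bits for IPv6) is cleared before the response is stored, and a response whose IP field is missing or unparseable is stored with no IP at all rather than with the raw value. The function names, the response dictionary layout and the sample addresses are constructed for this example.

```python
import ipaddress


def anonymize_ip(addr: str) -> str:
    """Zero the low half of an IP address, keeping only the high half.

    IPv4: 203.0.113.77 -> 203.0.0.0 (first 16 of 32 bits kept).
    IPv6: 2001:db8:85a3:8d3:1319:8a2e:370:7348 -> 2001:db8:85a3:8d3::
          (first 64 of 128 bits kept).
    Raises ValueError for input that is not an IP address.
    """
    ip = ipaddress.ip_address(addr.strip())
    half = ip.max_prefixlen // 2            # 16 for IPv4, 64 for IPv6
    keep_mask = ((1 << half) - 1) << half   # high half set, low half clear
    # Rebuild with the same address class so an IPv6 address whose high
    # half is all zeros (e.g. ::1) is not mistaken for an IPv4 integer.
    return str(type(ip)(int(ip) & keep_mask))


def anonymize_response(response: dict) -> dict:
    """Return a copy of a stored response with its 'ip' field anonymized.

    The original dictionary is left untouched. A missing or unparseable IP
    is recorded as None so that no raw value slips through into storage.
    """
    scrubbed = dict(response)
    raw = response.get("ip")
    try:
        scrubbed["ip"] = anonymize_ip(raw) if raw else None
    except ValueError:
        scrubbed["ip"] = None
    return scrubbed


# Constructed sample responses (hypothetical field names, documentation
# address ranges); not real submissions.
SAMPLE_RESPONSES = [
    {"id": 1, "ip": "203.0.113.77", "q1": "yes"},
    {"id": 2, "ip": "2001:db8:85a3:8d3:1319:8a2e:370:7348", "q1": "no"},
    {"id": 3, "ip": "not-an-address", "q1": "maybe"},
    {"id": 4, "q1": "skip"},
]


def anonymize_all(responses: list) -> list:
    """Anonymize the IP of every response before it is written to storage."""
    return [anonymize_response(r) for r in responses]


if __name__ == "__main__":
    for r in anonymize_all(SAMPLE_RESPONSES):
        print(r["id"], r["ip"])
```

The masking is one-way: once the low bits are zeroed they cannot be recovered, which is the point, so the step has to run before the response is persisted rather than as a later clean-up. Note that every respondent from the same /16 (IPv4) or /64 (IPv6) ends up with an identical stored value, so the field still says something about the network a response came from, just not about one machine on it.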
For a form that acts as a waiver or contract, you might want to include an eSignature. However, while a signature may feel like the most important part of such a form, it's just as important to include form fields that identify the respondent without question. In short, you want to collect as much information as possible to confirm who the person signing the document is.
The number one rule for data access within FormAssembly is that your account credentials should never be shared between colleagues. Although this may be less convenient, it is incredibly important to know who accesses data and how they use it. However, to make things easier, we do allow Single Sign-On, which lets you sign into FormAssembly through Salesforce and/or Google Apps.
Secure Browsing and Purging
If you read responses from within FormAssembly, and you collect sensitive data, you should go to My Account > Preferences and enable secure browsing, which will enable SSL throughout FormAssembly. If you are using FormAssembly through Salesforce, this is enabled by default. Additionally, if you're using the Enterprise edition, administrators can force this option for their users.
You can use our purge feature to automatically get rid of sensitive data in FormAssembly Enterprise. Doing this will help reduce the risks of data exposure and data theft. You can choose to automatically delete all responses or specific fields, after a certain number of days or after the data is successfully sent to Salesforce.
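The purge rules described above, as an added example that is not FormAssembly's own code: a policy names either an age in days, a "sent to Salesforce" trigger, or both, and says whether the whole response or only specific fields should be removed once a trigger fires. The policy keys, the response layout and the sample submissions are constructed for this example.

```python
from datetime import datetime, timedelta, timezone


def is_purge_due(response: dict, policy: dict, now: datetime) -> bool:
    """A response is due for purging when any configured trigger fires."""
    after_days = policy.get("after_days")          # age-based trigger
    if after_days is not None:
        if now - response["submitted_at"] >= timedelta(days=after_days):
            return True
    # Trigger on a successful send to Salesforce, if the policy asks for it.
    if policy.get("after_salesforce_sync") and response.get("sent_to_salesforce"):
        return True
    return False


def purge_responses(responses: list, policy: dict, now: datetime) -> list:
    """Apply a purge policy and return the responses that remain.

    policy["fields"] is None to delete whole responses, or a list of field
    names to strip from the response while keeping the rest of it.
    The input list and its dictionaries are not modified.
    """
    fields = policy.get("fields")
    kept = []
    for r in responses:
        if not is_purge_due(r, policy, now):
            kept.append(r)
            continue
        if fields is None:
            continue                                 # whole response dropped
        scrubbed = dict(r)
        scrubbed["data"] = {k: v for k, v in r["data"].items() if k not in fields}
        kept.append(scrubbed)
    return kept


# Constructed sample data; field names and dates are hypothetical.
NOW = datetime(2024, 3, 1, tzinfo=timezone.utc)
SAMPLE_RESPONSES = [
    {"id": 1, "submitted_at": NOW - timedelta(days=45), "sent_to_salesforce": False,
     "data": {"name": "Alice", "dob": "1980-01-02", "comment": "old, never synced"}},
    {"id": 2, "submitted_at": NOW - timedelta(days=2), "sent_to_salesforce": True,
     "data": {"name": "Bob", "dob": "1990-03-04", "comment": "recent, synced"}},
    {"id": 3, "submitted_at": NOW - timedelta(days=2), "sent_to_salesforce": False,
     "data": {"name": "Cara", "dob": "2000-05-06", "comment": "recent, not synced"}},
]

# Strip the sensitive field after 30 days or once the record is in Salesforce.
FIELD_POLICY = {"after_days": 30, "after_salesforce_sync": True, "fields": ["dob"]}
# Delete entire responses after 30 days, regardless of Salesforce status.
DELETE_POLICY = {"after_days": 30, "after_salesforce_sync": False, "fields": None}


if __name__ == "__main__":
    for r in purge_responses(SAMPLE_RESPONSES, FIELD_POLICY, NOW):
        print(r["id"], r["data"])
    print([r["id"] for r in purge_responses(SAMPLE_RESPONSES, DELETE_POLICY, NOW)])
```

The field-level policy is the one to reach for when the non-sensitive part of a submission (a comment, a product choice) still has value after the sensitive part has been handed to Salesforce; the whole-response policy is the simpler choice when nothing in the submission needs to outlive the retention window.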
Accessing Data from Other Apps
For connectors like Salesforce and Google Apps, any data that is transferred to those services is automatically encrypted. However, if you're using our HTTP Connector, data encryption depends on how the third-party service is configured. Once your data has left FormAssembly and is stored on a remote service, it is up to that company to ensure the privacy and security of your data.
It is also important to note that email notifications are not secure. Because of this, it is not a good idea to use email notifications to send any kind of sensitive data.
If your form is collecting payments and on a public website, we recommend enabling reCAPTCHA. Oftentimes, public forms that accept credit card information can be targeted by spambots, and the best prevention against receiving spam submissions is to enable reCAPTCHA on your form.