Update information-security.html

2026-02-26 21:31:11 -05:00 · 2016-11-09 11:52:52 +00:00
parent d546799bd5
commit 49ef6f22ff
1 changed files with 16 additions and 16 deletions
--- a/app/templates/views/information-security.html
+++ b/app/templates/views/information-security.html
@@ -164,31 +164,31 @@ Information security guidelines – GOV.UK Notify
        <p>“Dear Anne Smith, you’ve got a licence appointment tomorrow at 2:15pm at the Licence Office, 1 Chapel Hill, Heswall, Bournemouth BH1 1AA. To cancel your appointment, visit licensing.service.gov.uk/appointment/12345678/cancel. To change your appointment time, sign in to your account.”</p>
        <p>This is a good example because:</p>
         <ul class="list list-bullet">
-           <li>The message and link doesn't reveal any sensitive personal data.</li>
-           <li>The message and link doesn't ask for personal data, passwords or payment details.</li>
-           <li>The reminder addresses the user by their name, helping to make phishing attacks more difficult.</li>
-            <li>The link just cancels the appointment. The worst that could happen is that an attacker cancels someone else’s appointment.</li>
-            <li>Users have to sign in to change the appointment time, making it harder for an attacker to know what their appointment time is .</li>
-            <li>The topic is something the user is familiar with.</li>
+           <li>the message and link doesn't reveal any sensitive personal data</li>
+           <li>it doesn't ask for personal data, passwords or payment details</li>
+           <li>the reminder addresses the user by their name, making phishing attacks more difficult</li>
+            <li>the link just cancels the appointment which minimises what an attacker can do</li>
+            <li>users have to sign in to change the appointment time, making it harder for an attacker to know what their appointment time is</li>
+            <li>the topic is something the user is familiar with</li>
        </ul>
      
-        <h3 class="heading-medium">Example of an application</h3>
-        <p>“Dear Anne Smith, you’ve got a licence appointment tomorrow at 2:15pm at the Licence Office, 1 Chapel Hill, Heswall, Bournemouth BH1 1AA. To cancel your appointment, visit licensing.service.gov.uk/appointment/12345678/cancel. To change your appointment time, sign in to your account.”</p>
+    
+     <h2 class="heading-medium">Example to add a photo to an environmental permit</h2>
+        <p>“Dear Andrew Jones, to add a location photo to your environmental permit application, visit environmentalpermit.service.gov.uk/12345678/add-photo. If you didn’t request this link, please ignore this message.”</p>
        <p>This is a good example because:</p>
         <ul class="list list-bullet">
-           <li>The message and link doesn't reveal any sensitive personal data.</li>
-           <li>The message and link doesn't ask for personal data, passwords or payment details.</li>
-           <li>The reminder addresses the user by their name, helping to make phishing attacks more difficult.</li>
-            <li>The link just cancels the appointment. The worst that could happen is that an attacker cancels someone else’s appointment.</li>
-            <li>Users have to sign in to change the appointment time, making it harder for an attacker to know what their appointment time is .</li>
-            <li>The topic is something the user is familiar with.</li>
+           <li>the message and link doesn't reveal any sensitive personal data</li>
+           <li>it doesn't ask for personal data, passwords or payment details</li>
+           <li>the reminder addresses the user by their name, making phishing attacks more difficult</li>
+            <li>the link only lets users add a photo to an environmental permit application – it doesn’t complete the process, which minimises what an attacker can do</li>
+            <li>it shows users what to do if the message doesn't apply to them</li>
        </ul>
-         </section>
+       </section>
    
    <section id="you-can-do-more">
      <h2 class="heading-medium">You can do more if you want to</h2>

-      <p>These guidelines are the minimum requirement. If you want to take more stringent measures for your service, that’s fine.</p>
+      <p>These guidelines are the minimum requirement. You can take stricter measures for your service if you think it's necessary.</p>

      <p>Just make sure you’re balancing your users’ needs to be kept informed and kept safe.</p>
    </section>