notifications-admin/app/templates/views/about/security.html
2025-04-03 11:57:21 -04:00

{% extends "base.html" %}
{% import "components/nav_breadcrumb.html" as breadcrumbs %}
{% set page_title = "Security" %}
{% block per_page_title %}
{{page_title}}
{% endblock %}
{% block content_column_content %}
{{ breadcrumbs.breadcrumb(page_title, "About", "main.about_notify") }}
<section class="usa-prose">
<h1>{{page_title}}</h1>
<p class="font-sans-lg text-base">Notify.gov is built for the needs of government agencies with fundamental system
security processes in place to:
</p>
<ul>
<li>protect user data</li>
<li>keep systems secure</li>
<li>manage risks around information</li>
</ul>
<p>
Notify.gov operates under a full three-year <a class="use-link usa-link--external"
href="https://digital.gov/resources/an-introduction-to-ato/"
target="_blank"
rel="noopener noreferrer"
aria-label="Authority-to-Operate (ATO) (opens in a new tab)">Authority-to-Operate (ATO)</a>. This
federal security authorization process leverages security
controls provided by the National Institute of Standards and Technology (NIST).
</p>
<p>
Our infrastructure runs on <a class="use-link usa-link--external"
href="https://www.cloud.gov/"
target="_blank"
rel="noopener noreferrer"
aria-label="cloud dot gov (opens in a new tab)">cloud.gov</a> and utilizes several
services through Amazon Web
Services (AWS), including <a class="use-link usa-link--external"
href="https://aws.amazon.com/sns/"
rel="noopener noreferrer"
target="_blank"
aria-label="AWS SNS (opens in a new tab)">
AWS SNS </a> for sending SMS
messages.
</p>
<p>For more information about the Notify.gov infrastructure, contact us at <a
href="mailto:notify-support@gsa.gov">notify-support@gsa.gov</a>.</p>
<h2>Data</h2>
<p>
On Notify.gov, data is encrypted both in transit and at rest. To send a message, agencies upload a spreadsheet of
phone numbers and other necessary data from their existing data management system.
</p>
<p>
Notify.gov is not a system of record, so it does not have a System of Records Notice (SORN). Agencies are
responsible for managing their data outside of Notify.gov.
</p>
<h3>Data retention</h3>
<p>
Any data uploads that have recipient data are held for seven calendar days; personally identifiable information
(PII) is never stored in Notify's database.
</p>
<h2>Multi-Factor Authentication</h2>
<p>
Notify.gov uses <a class="use-link usa-link--external"
href="https://login.gov/what-is-login/"
rel="noopener noreferrer"
target="_blank"
aria-label="Login dot gov (opens in a new tab)">Login.gov</a> for enhanced security.
Login.gov is an extra layer of security created by the government that uses multi-factor authentication and stronger
passwords to protect your account.
</p>
<p>
To access Notify.gov, users will use a Login.gov account associated with their agency (.gov) email with one of the
<a class="use-link usa-link--external"
href="https://login.gov/help/get-started/authentication-methods/"
rel="noopener noreferrer"
target="_blank"
aria-label="login dot gov multi-factor authentication methods (opens in a new tab)"
>multi-factor authentication
methods</a> offered through Login.gov.
</p>
</section>
{% endblock %}