MENU

Web Standards and Responsibilities

These Web Standards pertain to all websites hosted at ecu.edu. By using web services on the ecu.edu domain, you are agreeing to adhere to the terms and conditions explained on this page.

In addition to the standards and responsibilities outlined here, website owners are also required to follow the regulations and guidelines found on the Web Compliance page.

 


Section I. Content Responsibilities & Requirements

The following are the responsibilities and requirements for which you, an owner of content available via a website on the ecu.edu domain, are responsible. These responsibilities include compliance with federal and state laws and applicable ECU policies and the items in the lists below:

Website owners must ensure that all content is:

Additionally, website owners must also ensure that:

  • media content and files recorded by ECU constituents follow the Media Release Consent Guidelines.
  • required approvals for copyrighted material are obtained, and if applicable, that access is limited. For more information, visit ECU's copyright guidelines.
  • public video is closed captioned.

For owners with direct access to their web directory, the administrators' group must not be modified or removed from the web directory permissions. Full administrator control for the administrators' group is necessary to execute application security software and to maintain web services. If the administrators' group is removed or permissions are changed, server administrators will re-add the administrators' group and/or return the permissions to full control, removing individual permissions.

Top


Section II. Web Accessibility Standards

East Carolina University has adopted WCAG 2.0 Level AA as our goal for meeting our IT accessibility commitments. The Level AA success criteria provides a reasonable target for websites and web applications, and additionally serve as a useful metric for products and services.

WCAG 2.0 has three levels which include (a) Level A establishes a baseline level of conformance and covers a basic set of core accessibility issues (such as alternate text on images and captions on videos), (b) Level AA includes additional success criteria such as providing a visible focus indicator for keyboard users and ensuring sufficient color contrast, and (c) Level AAA is the highest level of conformance.

For more information about WCAG 2.0, please review the Web Content Accessibility Guidelines (WCAG) Overview and the WCAG 2.0 AA guidelines.

If your site has older content that exists for record keeping or historical purposes, and is infrequently accessed and never updated, then we recommend clearly labeling this content as "Archived" and focusing your accessibility improvements on new content and content that is frequently accessed.

If you have an accommodation request, please contact Disability Support Services.

Top


Section III. Minimum Page Requirements

All official university web pages are required to be hosted on university-approved resources and follow the minimum requirements that have been established. These requirements were created to promote consistency and quality.

Official web pages are defined by ECU's Web Regulation, include the following:

"Official university web pages include the East Carolina University home page (www.ecu.edu); academic department and program pages; office, administrative, and support unit pages; news and information pages; and any other World Wide Web address that is otherwise sponsored or endorsed or created on authority of a University Department or Administrative Unit; including course pages residing outside the secure course management system."

For the purposes of these standards, if the web page includes the wordmark, logo or any approved type treatment or mark of the university, it must adhere to these standards.

Header

A reference to East Carolina University must appear in the top left corner of each web page and link to www.ecu.edu. The wordmark as shown on the ECU home page is preferred. However, if deviation from this wordmark is necessary, then follow the branding guidelines.

Footer

The bottom of each web page must contain the following:

Page Layout

  • The page background color must be ECU purple, white or grey.
  • The width of the content area on the page should not exceed the current ECU homepage.
  • The background color must be white with grey scale font color no lighter than #666666.
  • The name of the unit should be prominently displayed.
  • If a menu system is present, it should pertain to your unit, not a replication of the menu for the top site.
  • ADA compliance is required. For assistance in building accessible web pages, review our guidelines.
  • Layout out must be responsive and mobile friendly. We recommend the use of the Bootstrap framework.

Efficiency

Web pages should download quickly and efficiently. If needed, larger documents can be divided into smaller documents. Optimize graphics for rapid loading across typical network connection speeds and mobile devices.

Photos

Use of university-related photos is encouraged.

Top


Section IV. Development Standards & Data Usage Requirements

Web development is a serious responsibility, and if not done properly, will expose the website and university networks to security threats. Any development should be completed by trained programmers and follow industry as well as ECU standards.

Development Standards

  • All web development must comply with the web standards in this document, adhere to OWASP security standards and address the current Top 10 for web application security.
  • Development work should have a primary and secondary developer for business continuity purposes.
  • It is the responsibility of the developers to maintain backups of their production work when making changes.
  • Web forms should have input validation, be WCAG 2.0 Level AA compliant, and employ a method to prevent spam.
  • File upload fields must limit the types of accepted files to data files only. Executable file types (e.g.: exe) are not allowed.

Data Collection and Storage

  • An approved privacy statement which clearly indicates how the information will be used is required.
  • If information is used in a mailing list, you must provide a method for the person to opt-out of your mailings. For example, if you send a weekly digest of form submissions, then you must let the submitter know and opt not to include the data they submitted in the mailing.
  • Data should only be stored on university database servers. Microsoft Access databases and flat file storage is not allowed because of the inherent security issues associated with these file types.
  • As a general rule, sensitive data is not approved for collection, display or storage on a public website. If approved, then the data must be password protected and follow any additional security recommendations received from data owners. Sensitive data is not to be collected without permission from IT Security and/or the appropriate data owner. If sensitive data needs to be collected, users need to contact IT Security for information on available resources and best practices.
  • Illegal file sharing is prohibited. For more information, visit the ECU's File Sharing Rules site.

Top


Section V. Storage of Student Information or Assignments on University Websites

  • Any content stored greater than two (2) years must be approved by the Registrar.
  • Any storage of videos, specifically those associated with K-12 students must use the ECU Attorney's approved process and forms. You are required to ensure this process is followed.
  • Videos of K-12 students require a release form signed by the parents.
  • Videos of ECU students require a release form signed by the ECU students.
  • The content owner is responsible for collecting and maintaining the release forms.
  • Videos must be password protected using the ECU PirateID and not publicly available.
  • Videos must be streamed and not downloadable. Streaming is available on mediasite.ecu.edu.
  • Any violation of these rules could be violating FERPA regulations and be subject to the consequences of that law.

Top


Section VI. Domain Names and URL Management

Domain names are part of the identity of the university and communicate the university's image and reputation to the public. They should also be easily recognizable and use a predictable structure to help users better locate services.

Therefore, the university has established guidelines for governing domain name registration to ensure names are assigned and used appropriately and align with institutional goals.

Required Domain Name Structure

A web address (URL) locates a website or file on the web. It consists of domains separated by periods reading from right to left. For example:

itcs.ecu.edu =

  • edu is the first (top) level domain
  • ecu is the second level domain
  • itcs is the third level domain

All official university websites (see definition in Web Regulation) must use the ecu.edu domain as the second and first level domain. Each website or service whose URL ends in ecu.edu will benefit from improved search ranking.

Third-level domains are available for official university websites. Requests are approved within 10 business days by the ECU Web Oversight Committee. Upon approval, all third-level domains are added to the university A to Z list and the university search keywords. Below are the URL approval criteria.

Third-Level Domain URL Criteria

Requestors:
  • a major business unit
  • an officially recognized center or unit
  • represent a service or application offered permanently to most ECU users
Requested URL:
  • is specific and descriptive
  • is generally recognized as a word or a common abbreviation
  • is reasonably unique to the service and not likely to represent services offered by other ECU units
  • is unlikely to conflict with other current or future URL requests for websites, services, programs or systems
  • is unlikely to be confused with another university unit
  • is unlikely to be misspelled in ways that would result in confusion with another URL
  • does not contain existing or potential copyright or trademark infringements
  • does not contain "ecu" as this is already part of the URL (second-level domain)
  • must align with the university's current or future uses of that URL

Alternatives for Third-Level URLs

Fourth-level URLs and higher are not available. Use a directory structure where possible. For example, unit.ecu.edu/subunit is recommended.

Shortened URLs through the Go-Links service

go.ecu.edu is a free URL redirection service that creates a shortened link for a website. Shortened URLs created through Go-Links provide flexibility and are easy for users to remember.

Example:

  • Full link: http://www.ecu.edu/itcs/connect/eduroam.cfm
  • Go-Link shortened link: http://go.ecu.edu/eduroam

To use this service, first submit the Go-Link registration form. Then choose a shorter URL that most represents the website or page. The Web Oversight committee resolves any naming conflicts.

Search Engine Optimization for URLs

Search Engine Optimization (SEO) allows users and search engines to better understand page topics and navigation which improves user experience and search engine page rankings. SEO also provides human-readable links for easy dissemination to social media. Here are the guidelines:

  1. Place hyphens between link words to improve readability. Do not use underscores, spaces or capital letters.
  2. Create URLs using lowercase letters.
    Do This Don't Do This
    itcs.ecu.edu/connect/network-guest itcs.ecu.edu/connect/networkGuest/
    itcs.ecu.edu/connect/network_guest/
    itcs.ecu.edu/connect/NETWORKGUEST/
  3. Place hyphens in the subfolder name as that is easily readable.
  4. To improve keyword effectiveness:
    • Make URLs short (see Go-Links service above)
    • Load important words up front
    • Example: http://degrees.ecu.edu rather than http://www.ecu.edu/degrees

ecu.edu Domain Names for ECU Hosted Websites

Websites hosted on ECU servers are assigned an ecu.edu URL. Official websites within the university's content management system use third-level domain names. Unofficial websites hosted on other servers may use a directory structure format.

  • Examples: business.ecu.edu, 1card.ecu.edu, myweb.ecu.edu/pirateID

ecu.edu Domain Names for Externally Hosted Websites

ECU does not provide redirection for domain names residing on servers not owned and controlled by ECU. The only exceptions are vendor-hosted services in which ECU has a contractual relationship or a service is provided. This exception does not include web hosting unless approved. If an exception is allowed, official websites hosted externally must adhere to the same requirements as official sites hosted on university servers where technically possible.

Non- ecu.edu Domain Names

In most cases, the appropriate domain name for university activities will be "edu." For domain name registrations outside the ecu.edu domain (.com, .net, .org) that include an official university name in any form or that is used to display university content, the unit must contact the Web Oversight Committee for approval prior to registering the name.

Additionally, units must make arrangements to host the domain name with a commercial Internet Service Provider (ISP). The registering party is responsible for any expenses associated with the registration and maintenance of the domain name.

Top


Section VII. Web Hosting

Official websites should be hosted on university web servers and maintained by university employees. Units are encouraged to utilize university resources to create and maintain websites on university web servers.

Websites Hosted on ECU Web Servers and Created by External Vendor

Any request to outsource website development must be approved by the Web Oversight Committee.

Vendors are not allowed access to our internal resources. Units are still responsible for uploading, creating and maintaining the content for their website.

Websites Hosted on External Web Hosting Services

Occasionally, there may be a contractual relationship with an external party with a rationale for the website to be hosted externally. These requests for external web hosting must be approved by Web Oversight Committee and an IT Security Review obtained. In addition, directing an ecu.edu URL to an externally-hosted website must be approved by the Web Oversight Committee.

Top