Information Technology
Consultant Managed Web Sites
FDOT External Web Development
The guidelines for all external partners who manage FDOT-related websites are available for review using the following link: FDOT Consultant-Managed Website Guidelines.
For questions regarding this resource, please contact the web development team at FDOTServiceDesk@dot.state.fl.us.
Other Key Considerations
Requirements
In an effort to comply with Federal Section 508 of the Rehabilitation Act, All Information Technology (IT) provided by Florida State Agencies must meet requirements as documented in the Accessible and Electronic Information Technology, Florida Administrative Code, Rule Chapter: 60-8.
Recommendations and Additional Information
Protection of FDOT data is of utmost importance. In order to protect the Department’s resources the following items should be considered and mitigated.
Website/Application Security Risk Considerations
Weak administrative security controls (e.g. weak or shared passwords)
Directory traversal attacks
Data Risk Considerations
Hosted sites should not contain information about the FDOT internal network or details about FDOT access controls that could be used to compromise our network.
Other Considerations to Mitigate Security Risks
Protection against Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks
Incident response procedures
Responsibility for mitigating incident responses
Protection against web crawlers
Non FDOT content or links on the FDOT site
Appropriate finalization and/or cleanup of the site after the project is complete
FDOT supports Consultant Managed Static Websites and encourages the development teams of such websites to become familiar with the Department’s in-house Standards: