UTMB’s Web Services Team and the Information Security Office work continually to identify and address areas of concern related to web security.
A current issue that requires the support of UTMB web developers and web content editors is the appropriate use of the Hypertext Transfer Protocol. We are finding links on our websites using HTTP rather than the HTTPS protocol. HTTP transfers data in plain text, while HTTPS encrypts data and is more secure.
HTTPS is especially important for websites that require login credentials—like bank accounts, email services, or health information—and is required for all links on our university sites.
We’ve been working steadily to identify and make changes at the system level to all UTMB-owned, hosted or managed websites and web-based applications in our utmb.edu domain. To date, more than 3151 unique links affecting 7065 pages have been addressed; that represents fewer than half of the HTTP instances that need to be resolved.
In 2025, UTMB Health will begin to disable these HTTP, non-encrypted links to enhance security and safeguard communications to and from UTMB-hosted websites.
We need the help of our web development community to identify and update HTTP links on their respective sites:
- Request access to Siteimprove, a quality assurance tool all UTMB web developers and content editors should be using regularly to identify issues on their website(s), including misspellings, broken links, and more;
- Review a video created to guide users through identifying and addressing HTTP links using Siteimprove;
- Resolve all HTTP issues;
- Ensure any new links being added to your website(s) are complete and include the HTTPS protocol.
If you have questions, or to report progress or problems, please contact web-services@utmb.edu.