Category: Web

Building a Website

On November 13, 2017

Sites are complex digital spaces with evolving digital standards that can have very steep learning curves. It takes multiple teams of people to keep sites running securely and smoothly. Accessibility, security, design, and development are areas that most communicators must have a basic understanding of in order to produce an effective digital product.

Building a site at Duke may seem a little daunting but the guide below can act as a starting point for building secure, accessible, on-brand sites for your organization.

Domains – What is the url?

Internal

Third-level domains: (require University Communications approval)
ex. trinity.duke.edu, publicaffairs.duke.edu
Fourth-level domains: labs.trinity.duke.edu, project.chemistry.duke.edu do not require UComms approval and are managed through system administrators

External

External domains: (require University Communications approval and must be purchased by the central IT office)
ex. dukeblue.org
Use of Duke’s trademark is governing entity

Web Accessibility – Who can see it?

Everyone. Everyone should be able to access a public site at Duke. Duke’s Web Accessibility Initiative exists to ensure people with a wide range of abilities have equal access to Duke’s web content. It is the central resource for information, guidelines, and Duke’s official web accessibility guidelines.

WCAG 2.0 Level AA Accessibility
Federal requirements: Section 508 of the Rehabilitation Act
Americans With Disabilities Act

Web Security – Is it safe?

Security is CRITICAL. If a site is deemed to be a security risk (through a breach or lack of appropriate security or versioning upgrades) the IT Security Office reserves the right to take a site offline until that site is cleared to be restored.

You should be aware of the following security policies and guidelines:

Data Classification Standard. Duke has defined three classes of information: Sensitive, Restricted and Public.
Web Governance Policy. Guidance and options for those managing websites at Duke.
Acceptable Use. Establish and promote the ethical, legal, and secure use of computing and electronic communications for all members of Duke University and its affiliated entities.

Service Level Agreements – How can I keep it up?

–What does maintenance really mean?

Once a site is launched and past its QA period, sites typically move into a “maintenance” phase. Maintenance can refer to the general updates of the site but the most critical component is the upkeep needed to keep the environment (infrastructure) up to date. It is the responsibility of the site owner (department) to ensure that a maintenance agreement is in place. Restated: the platform (Drupal/WordPress), as well as the hosting space, require regular attention and updates to keep them from becoming a security risk.

If you’re working with a vendor: Any work being done through a contract organization – internal or external – requires a minimum service-level agreement of 10 hours per year. Due to the changing nature of the web and the need for version and security upgrades on our preferred platforms, site owners need to identify some portion of their budget and calendar for updates and patching. Without this, sites are subject to vulnerability and attacks. Should a security breach occur, the security office may remove the affected site until it can be confirmed as no longer a risk. IT organizations such as OIT and DHTS cannot be held responsible for sites and actions that they did not create nor participate in.

Web Site Development – How do I make it?

Self-Service: Sites@Duke Express

Sites@Duke Express is a WordPress network that offers a robust set of easy-to-use tools, including Duke themes and Duke-specific plugins. The service also provides the option of a custom domain mapped to your site. There is no charge to users.

Advanced Site Building: Sites@Duke Pro

The Sites@Duke Pro platform is a new Drupal-based solution ideal for schools, departments, institutes, centers, labs, initiatives, programs, and more. It offers flexible site-building options with a professional visual design that meets Duke’s accessibility and branding guidelines. There is a low start-up cost and a monthly maintenance fee that covers all infrastructure, support, and rollout of new features and fixes as they become available.

Custom internal – Duke Web Services and other web development groups across campus

Custom websites can be developed using internal and external resources. (See Working with Vendors) After selecting your development group you will also need to coordinate hosting and domains. (see above and below). Any custom work still has an expectation to meet technical and branding requirements.

Working with External Vendors

The abundance of work across Duke can’t be met by the in-house resources alone. We utilize vendors from around the area including some in other areas of the country and abroad. The following guidelines have been developed to streamline the process of working with external vendors. Learn more about Working with Vendors.

Hosting – Where Does it Live?

Providers within Duke

OIT maintains a centralized web hosting environment that provides virtual servers (VMs) to both OIT-supported services as well as applications and services supported by the departments and schools across Duke University. To meet the needs of a majority of OIT’s VM requests and to provide a consistent offering, a set of standard offerings and processes has been created and details can be found at the following links:
- Virtual Server Hosting
- Standard Sizing & Cost of VMs
- Service Expectations & Agreements
- Contact Duke Web Services for assistance setting up a VM
- **Note: Most Drupal implementations require a medium or large bronze-level machine. Most WordPress implementations require a small or medium bronze-level machine.
DHTS Centralized frameworks are based on the following technologies and platforms:
- Public Web Sites: Drupal Content Management Platform (Linux, Apache, MySQL and PHP based).
- Intranet Sites: Microsoft Sharepoint 2010 (Windows Server, IIS, MS SQL Server and .NET based)
- Contact the DHTS web services group for more information.
Your school/dept/unit
External (requires Web Governance Group approval)
External vendors need to host through Duke

Types of Hosting

Sites@Duke: free
Virtual Machine: custom
- Compliance with Duke’s security standards
- Automatic OS updates/upgrade
- Help with Shib and site set up
- Backups and monitoring
- DNS assistance
External (requires WGG review): really custom

Web Resources at Duke

By Sam Huntley

On November 13, 2017

In Digital, Getting Started, Web

Alert Bar

Syndication technology allows for a web bar to appear automatically on websites across the university to highlight emergency news and other alerts. The alert bar accommodates two levels of information. Level 1 alerts, represented by a red bar, will be used for emergencies and will link to the DukeALERT website for additional information. Level 2 alerts, represented by an orange bar, will be used for important messages such as pending severe weather or a gas leak in a building. Download instructions for adding the DukeALERT bar to your website.

Web Fonts

Web fonts are a great way to enhance your site. They provide a more creative license in our communication materials and allow more flexibility and scalability across devices. Because they are vector based they render with crisp edges, clean lines and deep color.

Fonts affect load times as well as your sites’ aesthetic. Don’t use more than 2-3 fonts per site as this will negatively impact your sites’ performance. Since they play such a vital role in a consistent brand execution, refer to the university’s brand system for current font systems and use.

As always, our legacy fonts of Interstate and Garamond are available by request. See University Logos and Fonts in the Brand Guide.

SEO

A website has no value if no one can find it. Therefore, a critical component of any online strategy is search engine optimization (SEO). SEO is by no means an exact science. There is no single action or technique a website owner can employ to ensure his or her site will rank well. By following a basic set of principles for good web content design, the chances of achieving favorable rankings greatly increases.

Use this checklist.

Domain Names

Domain names require approval from the Office of Public Affairs. As a general rule, try to stay away from long, cumbersome spellings or ambiguous acronyms. Use fourth level domains if possible to show associations between units and schools.

Domains obtained by third party organization are the responsibility of the purchaser and should not utilize the duke brand without permission. Read the Duke Domain Request Policy and follow the link at the bottom of the page to complete the request form.

Analytics

Duke’s preferred platform for measuring web site traffic is Google Analytics. If you are unfamiliar with Google analytics or need help getting started, check out Google’s tutorials.

Accessibility

Duke sites and applications must accommodate a baseline level of accessibility to ensure our content reaches as many people as possible. Duke aims to meet the WCAG 2.0 AA standard. The Web Content Accessibility Guidelines (WCAG) are driven by the larger international standards organization for the internet, the W3C. These standards, published in 2008, are based on 4 key principles: Perceivable, Operable, Understandable and Robust. Within these standards are 3 levels on conformance. A, AA, AAA.

It is important to note that web accessibility is accommodated through both the back-end development of a website AND the content that website houses. PDF’s are a big culprit of accessibility violations and it is critical that our communications professional know and understand the pitfalls of the web accessibility from all angles. Duke also has dedicated resources for educating and addressing web accessibility. Please visit the Duke Web Accessibility site for more information.

Service Level Agreements

Any work being done through a contract organization – internal or external – requires a minimum service-level agreement of 10 hours per year. Due to the changing nature of the web and the need for version and security upgrades on our preferred platforms, site owners need to identify some portion of their budget and calendar for updates and patching. Without this, sites are subject to vulnerability and attacks. Should a security breach occur, the security office may remove the affected site until it can be confirmed as no longer a risk. IT organizations such as OIT and DHTS cannot be held responsible for sites and actions that they did not create nor participate in.

Security

Duke websites present a very viable risk to the university and can provide an avenue of attack against other Duke systems. There is a direct relationship between website compromises and unpatched web environments and associated servers. In an effort to improve the security of all Duke’s websites, the IT Security Office (ITSO), Office of Information Technology (OIT) and University Communications have developed guidance and options for those managing websites at Duke.

Website Best Practices

A little goes a long way. Though there are a lot of industry standards with regards to mark up, responsive design, SEO, etc, here are general considerations to keep in mind when taking on a new project: (From Bean Creative)

Go responsive — all design is responsive design. Your content needs to be accessible whether the user is on a mobile device with a 5″ screen or a desktop computer with a 30″ screen.
Offer mobile-first design, with progressive enhancement for larger screens
Optimize accessibility to create a user experience that is fully accessible to all viewers — everything from supporting people with disabilities to serving up clear images for devices that support 3x+
Emphasize UX with good typography, leveraging the increasing number of web-specific typefaces and typekits, like Google Web Fonts, Adobe Typekit, etc.
Focus on long-form content as opposed to click-thru content
Provide CLEAR, real time feedback during form interactions. Don’t force users to guess the formatting needed, and consider small additions like auto tabbing between fields and formatting as you type to be super user-centric

Favicons and App Icons

The Garamond “D” makes is a great option to use as the favicon for a website or the home screen icon for your app. Download the full favicon pack or use the icons hosted below.

Download the Favicons

favicon-16×16.png
favicon-32×32.png
favicon-96×96.png
apple-icon-57×57.png
apple-icon-60×60.png
apple-icon-72×72.png
apple-icon-76×76.png
apple-icon-114×114.png
apple-icon-120×120.png
apple-icon-144×144.png
apple-icon-152×152.png
apple-icon-180×180.png
apple-icon.png
apple-icon-precomposed.png
android-icon-36×36.png
android-icon-48×48.png
android-icon-72×72.png
android-icon-96×96.png
android-icon-144×144.png
android-icon-192×192.png
ms-icon-70×70.png
ms-icon-144×144.png
ms-icon-150×150.png
ms-icon-310×310.png