On your site, you can restrict access to some or all content and files to either:

  • all staff, or
  • all staff and all students.

What content is suitable to restrict?

  • Restricted content is not suitable for information assets classified 'X-IN-CONFIDENCE' or higher.
  • Content must comply with the ICT Security Policy, Procedures and Guidelines.
  • Use restricted content for information that would be suitable for public release (i.e. for content and files that do not contain confidential, sensitive, secure or private information).
  • Do not use restricted content for information and files that could cause compromise or damage the University or an individual’s privacy (e.g. personally identifying information, medical records, credit card, payment or financial information, staff or student records, student results, or commercially sensitive information).

Request restricted content for your site

You must have your manager’s approval to enable restricted content. Email webservices@uq.edu.au to request access.

How to use restricted content

Secure files

When the UQ Secure Content module is enabled, two additional directories will be created in the File Browser:

  1. Staff only
  2. Staff and students.

Documents and images can be uploaded to these directories.

Files in these directories can only be accessed by authenticated UQ staff, or UQ student users.

All sub-folders within these directories have the same authentication requirements.

Any files in the 'Files or Images' directories will remain public.

Moving files to secure directories

If you move files from a public directory to a secure directory, they will become secured immediately.

Moving files from a secure directory to a public directory will make those files public immediately.

Restricting pages

When the UQ Secure Content module is enabled, all node pages of any centrally managed content type will have an additional field added to the bottom of the edit screen:

'Restrict access to this page to the following groups'

This field allows the page to be tagged with security groups. After the page is tagged, it can only be accessed by authenticated users of those groups.

By default pages can be secured to:

  • All staff, or
  • All staff and all students

These match the secure directories available in the File Browser.

Secure pages in menus and lists

Secured pages will not appear in menus or lists for users who are not able to access them (e.g. anonymous users).

Panel pages

The UQ Secure Content module does not apply to panel pages. Panel pages have to be secured by changing their access permissions