Security

Security and data-handling guidance for this build.

TheBioBook is designed around account-based access, attendee-controlled publishing, and event-level workflow separation. This page states plainly what this build does and what a production deployment should add.

Included in this build

  • Password-protected attendee and organizer accounts.
  • Event pages tied to meeting codes and user flow status.
  • Attendee control over published contact fields.
  • Separate event-specific notes so temporary meeting context does not overwrite a core BioBook.

Recommended for production deployment

  • HTTPS across the full site and any related subdomains.
  • Restricted write permissions for data and upload directories.
  • Routine backups and recovery procedures.
  • Server monitoring, software updates, and access logging.
  • Formal review of retention, privacy, and legal language before public launch.