Secure file sharing

What are web forms?

Web forms are a place on your website where web visitors can enter data. That data is submitted to the web server for processing and can be used to populate workflows. These flexible tools make it possible to interact with visitors, collect data, and even receive files from customers.

What are web forms used for?

Web forms can be used to collect personal details (like names and email addresses), collect survey responses, or give customers a place to upload files.

Because web forms are highly interactive, they are the perfect way to turn a website into an intelligence tool.  As such, web forms can be used to get customer information, learn what customers are thinking, allow customers to disclose purchase intent, and much more.

The most common example of using web forms is the collection of email addresses for a company’s email marketing list.  Often, content is put behind a “gate” that companies use to collect email addresses in exchange for coveted information, like a case study, free guide/playbook, or e-commerce coupon code.

Sometimes, the email addresses are gathered with promise of access to a higher-value asset, like a webinar or free sample.

Web forms are not just for newsletters and marketing; they are also used for anonymous surveys or quizzes.

Some companies create an upload area for their customers to submit information.  The customer can be given a website login to prove their identity.  Once logged in, it is easy to upload files for the company to process using a web form.  A typical example of this is a CPA firm giving their clients web access to upload PDFs of their W2s and 1099s at tax time.

Web forms have unlimited flexibility, and therefore have unlimited possibilities.  Web forms can ask for customer feedback on ideas for new products.  They also create a way for a customer to enter a credit card number and complete a purchase.  They give banking clients a way to check balances and transfer funds.

Forms are the natural, expected way to interact with the visitors to your website.  With web forms, you can capture data to understand customer journeys, get visitor feedback, and start customer service help tickets.

After visitors enter this data, the website or workflow will store it until you’re ready to use it.  If you set up the form carefully, you’ll get a dataset that is easy to process, analyze, and act upon.

Is there a file upload limit for web forms?

Some web form providers set limits on the files that can be uploaded. There are two types of restrictions.

The first is based on an organization's commercial relationship with the web form provider. Often web forms are licensed based on the number of submissions made in a calendar month. These submission numbers are usually banded, for example 0 - 500, 501 - 1,000, or 1,001 to 1,500 submissions per month (and so on). If the number of submissions to a web form goes above its licensed number, the excess submissions may be restricted until the limit is reset the following month.

Another way that web form submissions can be limited is by file type or size. This is normally done based on an organization's data collection requirements. For example, you may only want to collect PDF files, not Word documents. As a result, you can put the file type '.pdf' on your allow list, and put '.doc' on your block list. If someone tries to upload a '.doc' file via your web form, their submission will be rejected. The same applies to file size. You may want to restrict the size of files being uploaded to your server and populating your workflows due to bandwidth limitations. Again, you can simply cap the files based on size restrictions, meaning submissions to your web forms with files exceeding this size will be rejected.

Egress Secure Web Form enables organizations to fully customize the way they collect data, including enforcing file restrictions. Unless you enforce one, there is no limit to the size of file that can be submitted using Secure Web Form, although upload speed will be affected by your internet connectivity.

Can I use a free web form?

You can, but there is significant risk in using free forms.

If the question is, “Can I use a free web form and keep my data secure?”, then the answer is no.  Free forms are not secure, and your clients’ data can be exposed while being transmitted from their device to your server or workflow.  This exposes you and your clients to a data breach.

Instead of using a free form builder, you can opt for paid-for form like Secure Web Form to keep your visitors’ information encrypted and protected from the time they click submit until it gets to your server.

Creating an Egress form for your website also has other advantages that free forms do not.  Egress scans files that visitors attach to protect your web server from infected or malicious uploads.

Egress web forms can also be integrated with Egress Secure Workspace, which creates an additional layer of safety and security by saving submitted data in a secure storage zone.  This is like quarantining the data, making sure it's only accessed by authorized recipients within your organization and keeping it from accessing system files and corrupting the server if it is infected with a new type of virus that AV scanning cannot detect.

HIPAA-compliant web forms

HIPAA (Health Insurance Portability and Accountability Act) provides a standard protocol that protects patients’ healthcare information.  That means it is the responsibility of the website owner who collects medical data to ensure that it is submitted through a secure web.

In order to remain HIPAA compliant, you must meet the security requirements at all points, from the patient’s device to your server(s).

The process of creating a HIPAA-compliant web form is straightforward when you use Egress Secure Web Form.  When you create a form with Egress, you’ll be able to ensure HIPAA compliance because:

    1. Egress forms use AES-256 bit encryption.  The data is encrypted from the moment it leaves the sender’s device until it arrives on your servers.
    2. You can check user identity by putting verifications in place.
    3. You can restrict file types.
    4. Your files are scanned using anti-virus software to protect against malicious uploads.
    5. All submissions and uploads are meticulously tracked and audited.
    6. You can send patients confirmation that their data was received.
    7. Organizations that handle medical data can rest assured that with these features, they will maintain HIPAA compliance when handling patient data through their Egress web forms.

How to make a web form

The first step when making a web form is to plan your fields carefully.  You want to collect all the data you need, and no more.  Keep your forms as simple as possible, but do not overdo it.  Forms that skimp on fields may limit your understanding of your visitors and clients later.  On the other hand, an overly complex form will frustrate your visitors and cause them to click off or, worse, submit inaccurate or incomplete information. Additionally, under many data privacy regulations, you are only permitted to collect pertinent information if the information you need contains personal data. You risk non-compliance and resulting penalties for collecting more personal data than you need, Plus, data subjects are now able to request erasure of non-pertinent data, which can create headaches further down the line if you need to remove information you are no longer entitled to have access to.

When planning your Egress form, consider all the information you want to collect, and map those data points to fields on your new form.  You will be able to create dynamic fields, which means that if a visitor answers a question a certain way, the form will change to accommodate that.  (Example:  If users check “yes” if asked if they have a car, a field will appear later to collect information on the car.)

Egress has consultants on staff to help you tailor your web form so that the data you collect will be in a format that matches your business intelligence requirements.

How to make sure your web form is secure

Using Egress to create a web form ensures that the data you collect through your web form will be kept secure.

Since website users often need to enter private or sensitive information into web forms, it is imperative that the data is carefully protected at all places during transmission.

The form will encrypt the data that gets submitted to the server to prevent snoops and hackers from intercepting it.  File attachments are scanned to ensure there are no malware or threatening scripts embedded in the file(s).  You should also make sure that this data remains protected once it enters the web server or the workflow it's populating (we recommend Egress Secure Workspace for this).

Egress ensures you have all this security when you embed an Egress Secure Web Form on your website.