This would remove the need of having to screen scrape Gold
It would also make it easier to setup notifications on the phone to remind students when they need to leave for class
Alerting
Seth and Steven explained that it's a very difficult subject with many legal requirements around it and the campus needs to have a unified vision on it before any movement would be made on that.
Security Updates for the Applications
GoGaucho Team
Heroku API
Needs to have Authentication added to the API endpoints
DDOS Prevention (Maybe Heroku already does this?)
SqlLite on Phone
Encrypt Data at Rest
Code
Separate Secrets out of the code base
Include Secrets in Build Process
Depending on Campus Conversations
Sign Appendix DS
Security Updates for UCSB APIs
Steven Maglio
Need to develop support to authenticate the user of the application (in this case the student)
Is it possible to pull the JWT token for Google Connect's authorization service?
We would still use API Keys with the API Gateway, but the student would be authenticated through Google's OAuth endpoint?