User-facing message guidelines for IEM application policies¶
Required message characteristics¶
| Characteristic | Description |
|---|---|
| Professional Tone | Use clear, neutral, business-appropriate language. |
| Actionable | Tell users exactly what to do next. |
| Specific | Reference exact application names and version numbers. |
| Honest | Accurately describe the situation without exaggeration. |
| Concise | Keep messages under 200 characters when possible. |
Prohibited content¶
Messages MUST NOT contain:
- Credentials (passwords, API keys, tokens)
- Personal or sensitive information (emails, phone numbers, addresses)
- HTML/JavaScript code (
<script>,onclick=,onerror=) - URLs to untrusted external sites
- System paths or internal infrastructure details
- Profanity, discriminatory, or offensive language
- Social engineering attempts ("Click here immediately", "Urgent action required")
- Misleading security warnings
Example violations:
- "Your password is admin123"
- "Alert!
<script>alert('hacked')</script>" - "Contact admin@internal-server.local"
- "File located at /etc/passwd"
For further guidance on tone, clarity, and language standards, refer to the Siemens iX Writing Style Guide.