IT Security For Libraries

Practical Advice On Choosing Good Passwords

This is Part Three in my many part series on IT Security In Libraries. In Part One I tried to lay the foundation for security. Last time we talked privacy, and today it's passwords.

A comment on an LISNews post from last week asked me about passwords. It seems like such simple, obvious topic, but when you stop and think about it, passwords are difficult, and a good answer does indeed take 1,399 words.

Do you always use unique passwords? Are those passwords always "strong"? Does your library's web presence require strong passwords for all users? Do you have password recommendation clearly posted on your web resources for your users? What makes a good password? Are complex passwords the most secure? Is it uniqueness? Is length the most important thing in a password? I'll start by saying the single most important thing is uniqueness, never reuse a password on everything. -- Read More

Practical Tips For Online Privacy

This is Part Two in my many part series on IT Security In Libraries. In Part One I tried to lay the foundation for security. This week we'll talk privacy, and up next will be a general "Staying Safe Online" that will cover a million and one tips on how to keep you and your computer safe.

Privacy is a relative term. That is, the things that I consider important to my privacy, someone else might not care about. As librarians we usually key in on Confidentiality Threats. We want our patrons records safe. We also don't share that information with ANYONE else. In general, we are fierce about protecting our patrons’ privacy. This is something that has always set us apart from everyone else. Amazon won't do it. Google won't do it. Do I even need to say Facebook won't do it? People who come into the library or use our web sites don't worry about what's going to happen with their information (or at least they shouldn't need worry about it). They should know we are doing our best to guard their privacy. Keeping all our IT resources secure should be a large part of guarding that privacy.

There are no big events, dead bodies or explosions in privacy violations. It's something that is slowly eroding over time. The troubles are more subtle and are caused by errors, or intential misues and a shocking lack of transparency, accountability and security. We don't think about privacy much, we only think about it when things are going wrong. Most people tend to think privacy isn't very important, and don't give it a second thought. Most companies make money by keeping our information as free as possible so it can be used, shared, and sold.

Let’s start this section with some general arguments FOR privacy, some reasons why privacy is so highly valued in our profession: -- Read More

IT Security For Libraries First In A Series

IT Security In Libraries
8. Social Media Security
7. Practical IT Security
6. Integrating IT Security In Your Library
5. 20 Common Security Myths
4. How To Stay Safe Online
3. Passwords
2. Privacy
1. IT Security Foundations

Today's post is long on theory. I'll argue that most any library can be a target, and present some ideas on how to make things more secure in your library.
My first post will cover privacy, because I think it's closely related to security, and it's something we as librarians take seriously. Then I'll cover a bunch of ways to stay safe online, how to secure your browser, PC and other things you and your patrons use every day. I'll also cover some common security myths. Then we'll talk passwords: everything has a password now, and I want to make sure we all understand what it takes to make your password as secure as possible. Then we'll talk network security for a bit, followed by hardware and PC security. Then I'll focus on security issues that you'll find in your library. And last, but not least, some things I think you'll find interesting that sysadmins do with servers to make things safer for you, and that you'll never see as an end user. -- Read More

Syndicate content