search.noResults

search.searching

dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Analysis and news


Securing your library’s resources Ensuring security in libraries is more important now than ever, writes Skott Klebe


Libraries must consider safety and security to be a part of their workflow when thinking about managing their technology resources. At EBSCO Information Services, we get a lot of questions from librarians looking to ensure that their library services are as secure as possible. There are plenty of resources available to help you maintain a safe environment for library users and staff. Here are a few ways to secure your library’s technology resources.


Secure and upgrade public computers The first step is to ensure all public technology resources are secure. First and most important, make sure that your library computers are running up-to-date versions of operating software. Windows 10 and MacOS Mojave are the safest you can run today. Tip – trial the upgrade process on one machine first, and test the software to ensure the upgrades are running smoothly. This may sound routine, but it’s


incredibly important. You can’t make your library patrons safe if your library machines aren’t safe. Older Windows versions like XP and Vista aren’t even supported by Microsoft anymore, meaning that you can’t update them with new fixes. Next, make sure the browsers on all your


computers are also on the latest versions, as it’s impossible to secure an old browser. If you’re using Google Chrome and/or Firefox, turn on automatic upgrades – these browsers are upgraded almost monthly, so there’s no way you can keep up with that schedule manually. Almost 75 per cent of all users of these browsers are running the latest version at any time; that’s how powerful automatic upgrades can be. Internet Explorer – and Microsoft’s new browser, Edge – upgrades are crucial as well, but they’re handled differently. Microsoft bundles those updates into Windows Update, which updates the whole operating system. In Windows 10, there’s no way to turn off


automatic updates – but in Windows 7 and 8, make sure updates are running.


18 Research Information December 2018/January 2019


“Teenaged-basin- surmise-refill is a lot easier to remember than @GMU8^TBYU, and it’s similarly safe”


Invest in antivirus resources Antivirus resources are sometimes disregarded because, well, it’s just one more thing to find money for. However, it’s still important to ensure your public computers are protected by antivirus software. Yesterday’s attackers were after credit card numbers; today’s attackers are also interested in selling access to your library’s content and running Bitcoin mining programs. The good news is that if you can


get your computers to Windows 10, Windows Defender is finally an adequate basic security solution for the desktop, although your IT department may invest in third-party solutions instead. Once installed, make sure the antivirus update subscriptions are running properly, scans are running consistently and the appropriate fixes are being made in real time. Unfortunately, occasionally a computer


may get infected with malicious software that your antivirus package isn’t able to remove. You can tell this has happened when the same computer keeps alerting – it’s not that it’s getting re-infected, it’s that the antivirus software tried and failed to remove the first infection. There’s no choice in these cases except to wipe the hard drive and reinstall.


Set secure passwords What’s a secure password, you ask? I’ve been asked this repeatedly; when I delivered mandatory security awareness training, it was the only part of the class where I could see everyone taking notes. A secure password is one that’s hard for an attacker using a computer to guess. It’s not something that feels personal or private or special. If it’s something that would appear on your Facebook page, or your institution’s page or website, it’s not a secure password. The best way to manage passwords is to


use password management software, like 1Password or LastPass. These packages will generate a new password for every site you use, and remember these passwords. The only password you’ll need to remember is the one you use for the tool’s password manager. Chrome, Firefox and Safari have password managers built in, as well. However, you can still manage without one of these tools, if you must. Longer passwords are better passwords. You can use a dictionary – open it three or four times, pick a word from every page, and separate them with hyphens. Teenaged- basin-surmise-refill is a lot easier to remember than @GMU8^TBYU, and it’s similarly safe. Staff passwords aren’t the only ones that need to be secured. Libraries subscribe to various vendor services, and many require passwords. The same trick can be used to generate a shared password. Tip for sharing this password – don’t put it on your public website. Attackers use Google to search for passwords the same way a burglar checks under the mat for a key. Instead, print the password on paper or notecards. Surprisingly, that’s safer than most ways of posting them online. Securing your library’s resources is crucial to maintain a safe, secure environment for your institution and its patrons.


Skott Klebe is a platform security architect at EBSCO Information Services


@researchinfo | www.researchinformation.info


Dacian G/Shutterstock.com


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32