2015 KLA-MLA Joint Conference, Heather Braum & Robin Hastings, NEKLS
Libraries have long been concerned with protecting the records of what patrons read. But with the rise of multiple library digital services, are we continuing to protect patron data? Concerns about password security, third party vendors, remote access, plain text transfer, and more security issues will be shared. Additionally, a conversation will occur around what information libraries are trading for the information they are getting from third party vendors. Ultimately, participants will walk away with a better understanding of data privacy and security issues in libraries today.
The Balancing Act of Digital Privacy & Digital Services in Libraries
1. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
The Balancing Act
of Digital Privacy &
Digital Services
in Libraries
Heather Braum, NExpress Coordinator, NEKLS
Robin Hastings, Director of Technology, NEKLS
5. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
#3: “We protect each library
user's right to privacy and
confidentiality with respect to
information sought or
received and resources
consulted, borrowed, acquired
or transmitted.”
Source: http://www.ala.org/advocacy/proethics/codeofethics/codeethics
6. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
#6: “We do not advance
private interests at the
expense of library users,
colleagues, or our employing
institutions. ”
Source: http://www.ala.org/advocacy/proethics/codeofethics/codeethics
8. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
#1.What digital services
does your library utilize —
where patron info is used?
9. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
#2. Do you use the same
password for every
online service?
10. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
#3. How are your staff
computers secured?
11. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
#4.Who has access to
your ILS & its database?
Where is that data held?
12. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
Last week…
Sources: https://goo.gl/hgnOJr & http://t.co/iDFZEZhcnK
13. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
#5. Do you ask
questions of your
vendors?
14. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
Example Questions to Ask
1. How is our data secured on the server and during
communications to other devices?
2. Is our data easily & quickly portable?
3. How often is our service monitored for security
threats?
4. How is our data backed up?
5. Who has access to our data?
6. What are the browser & security recommendations
for local computers using your service?
Sources: Based from Hastings, R. (2014). Making the most of the cloud: How to choose and implement the best
services for your library, 76. & http://goo.gl/QwIc52 & https://goo.gl/M1q5q3
15. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
#6. How secure is your library
network, online sites &
data pathways?
16. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
Action Plan
1. Review Contracts & Terms of Services
2. Ask questions of vendors like the ones
discussed today
3. What information are you trading for
digital services and is the tradeoff worth
it?
17. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
Resources
• Slides — http://goo.gl/2tb9rZ
• Handout — https://goo.gl/Ddn2Z4
• ALA Code of Ethics — http://goo.gl/uI5jrx
• ALA’s Resources on Privacy — http://goo.gl/1RUdy
• Arstechnica Risk Assessment/Security — http://goo.gl/Tbwel
• Sans Security Resources — https://goo.gl/XFdRw3
• Library Freedom Project — libraryfreedomproject.org
• Patron Privacy ALA IG Listserv — http://goo.gl/U6u8FA
• Library Digital Privacy Pledge (draft) https://goo.gl/JzzShI
18. Heather Braum &
Robin Hastings,
NEKLS,
KLA/MLA Sept. 2015
Contact Us
• Robin — rhastings@nekls.org, @webgoddess
• Heather — hbraum@nekls.org, @hbraum
Sources: http://goo.gl/sIyE3 & http://goo.gl/wKRcyU & http://goo.gl/yhXcnn