Libraries & Leaky Data: Part 3

By Aaron Skog

Part 1 of this series provided an overview of how library user data ends up in a variety of places within your library other than just the ILS. Part 2 of the series explained how your library services communicate over the network or across the internet in a variety of insecure ways. This is Part 3 of the series where you can take steps to secure your library data.

Here are recommendations on the best approaches to protecting library data. These are standard practices within the IT industry and there are many technical resources available on how to accomplish these steps.

Use Firewalls, AKA The Internet is Made of Ports

The basic way your library firewall works is utilizing the known network communication standards for various software and services. These are called ports. Understanding how networks communicate on ports allows a firewall configuration to be set to block a computer from outside your network from reaching something in the network. Many firewall appliances include security features to isolate threats, such as a blocking user who connects to your library WiFi and initiates a port scan from their laptop. It is possible the user unknowingly has a laptop infected with malware that is constantly looking for ways to spread to other devices.

Segment Your Network

The easiest way to envision network segmentation is to imagine every staff computer’s network cable in your library going to a dedicated network switch that does not connect to the public computers. Each group of computers is segmented from each other, and will not “see” each other on the network. It is possible to do this on the physical level and is fairly easy to pull off without technical know how. This basica approach can get expensive as you are duplicating various switches and equipment throughout your building. This is where virtual LANs can help.

All libraries should utilize virtual LAN segmentation within their local area network (LAN) as a basic rule for network security. This does take time and careful planning as every network layout is different. Below is a chart showing how one might group devices on your library network.

Virtual LAN SegmentsExamples of Groups of Computers, DevicesReason to Group Together
VLAN1Staff computers, staff wifiUser Data Present & Communicating Across Network
VLAN2Self-check stations, print release stations, computer reservation stationsUser Data Authenticating, Possibly Logging on Machines
VLAN3Public computers100% Restricted from Accessing VLAN1, Limited VLAN2 Access
VLAN4Public Wifi100% Restricted from VLAN1, VLAN2 (depending), VLAN3
VLAN5Servers on the network are segmented on their own and can only communicate to VLANs 1-4 on the specific ports.Most restricted access to these computer servers

Establish a Virtual Private Network (VPN)

It is vital for data security transport that library consortia members should utilize a VPN if their staff ILS client does not natively communicate securely back to the ILS server. This is especially important for Symphony WorkFlows users and Millennium/Sierra users.

Standalone libraries should also consider a VPN if their ILS is hosted. Older ILS are not using secure transport (notably SirsiDynix Symphony, Innovative’s Millennium/Sierra).

Move Away from Standard Interchange Protocol (SIP2)

As noted in Part 1 and Part 2 of this blog post series, SIP2 is natively insecure and a poor way to connect your library to other 3rd party services. Unless your library utilizes a VPN between you and your hosted service, SIP2 is simply communicating through the internet in plain text, leaking patron data such as addresses, birth dates, and passwords.

Vendors many libraries use such as SirsiDynix or Innovative Interfaces have alternate ways of transporting your library user data other than SIP2. You would need to inquire if application programming interfaces (API) are available for this purpose.

However, the majority of 3rd party library vendors do not offer alternate ways of connecting to your library ILS other than using SIP2. Make sure to inquire with your vendor representative during your annual renewal if alternate methods have been developed or are under consideration.

Understand Your Self-Service Systems

In Part 1 of this blog post series, I noted that many self-check systems and self-service print release stations will retain user data for the purpose of generating statistical reports for the library. It is important to establish a set procedure for retaining this data on these stations. Once your statistical reports are generated, taking the step to purge the logs or clearing the local database should be considered as routine work by library staff.

Understand Your Integrated Library System

There are some ILS that also log user transactions within the server as a separate process from circulation transactions. These logs should also be considered for periodic rotation and retention per your library data policy. Symphony is an example of having logs which can go back to the first day of the system being put in production. Your library ILS administrator can provide you additional details on ILS logging, or open an inquiry with your ILS vendor.

Take the Library Security Quiz

To assist libraries in assessing their data security, I have created an assessment tool to determine a security score. It will take a library director or management team some time to answer the questions and arrive at the final score.

QuestionAnswerYour Library Score
Which is your library ILS staff client? (Keep in mind the staff client is different from the ILS server software)  
WorkFlowsScore 10 for this insecure staff client 
SierraScore 10 for this insecure staff client 
PolarisScore 0 for this remote desktop client 
Polaris LEAPScore 0 for this web-based client 
BLUEcloud StaffScore 0 for this web-based client 
EvergreenScore 0 for this web-based client 
KohaScore 0 for this web-based client 
OCLC WorldShare Management SystemScore 0 for this web-based client 
HorizonScore 10 for this insecure staff client 
VoyagerScore 10 for this insecure staff client 
   
Does your library connect to the following services?  
OverDrive via SIP2Score 10 for this insecure authentication 
OverDrive via SirsiDynix Web ServicesScore 0 for this more secure authentication 
OverDrive via III Patron APIScore 0 for this more secure authentication 
OverDrive is authenticating, but our library does not know howScore 30 for not knowing 
Evanced Solutions via SIP2Score 10 for this insecure authentication 
Bibliotheca Cloudlibrary via SIP2Score 10 for this insecure authentication 
Bibliotheca Cloudlibrary via SirsiDynix Web ServicesScore 0 for this more secure authentication 
User data sent to Unique Management via email for collection purposesScore 10 for this insecure authentication 
User data sent to Unique Management via SFTP for collection purposesScore 0 for this more secure authentication 
Hoopla via SIP2Score 10 for this insecure authentication 
Hoopla via SirsiDynix Web ServicesScore 0 for this more secure authentication 
Hoopla via III Patron APIScore 0 for this more secure authentication 
MyPC via SIP2Score 10 for this insecure authentication 
MyPC via III Patron APIScore 0 for this more secure authentication 
MyPC via SirsiDynix Web ServicesScore 0 for this more secure authentication 
PCReservation (Envisonware) via SIP2Score 10 for this insecure authentication 
PCReservation (Envisonware) via III Patron APIScore 0 for this more secure authentication 
PCReservation (Envisonware) via SirsiDynix Web Services APIScore 0 for this more secure authentication 
   
Does your library use any of the following self-check systems?  
Bibliotheca/3M self-checks using SIP2Score 10 for this insecure authentication 
D-Tech self-checks using SIP2Score 10 for this insecure authentication 
Envisionware self-checks using SIP2Score 10 for this insecure authentication 
   
Does your library use any of the following solutions or techniques?  
Does your library OPAC utilize HTTPS 100% of the time?Score 0 if yes, score 10 for no 
Does your library use an Automated Material Handler using SIP2?Score 10 for this insecure authentication 
Does your library review and purge computer reservation server data?Score 0 if yes, score 10 for no 
Does your ILS require a SIP2 connection to have a login and password?Score 0 if yes, score 10 for no 
Does your library actively rotate and purge ILS server logs?Score 0 if yes, score 10 for no 
Separate VLANs for staff vs public vs public WiFiScore 0 for yes, score 20 for no 
VPN to hosted ILS (consortium or with vendor)Score 0 for yes, score 20 for no 
VPN client on staff laptop to connect to library networkScore 0 for yes, score 20 for no 
   
   
   
Your Library Security Score Total 0
   
   
Scores 90 or Higher  
Your library is extremely insecure with its user data and steps should be taken immediately to start lowering your score. Begin by talking to your IT staff to ensure your vendors have solutions other than SIP2 to connect to your library ILS, and create a plan to lower 40 points over the next year. If you do not have a VPN or VLANs, the library should establish a VPN to the ILS or hosting library consortium and implement VLANs within your network if you have not done so. 
   
   
Scores 50 – 70  
Your library has some insecure areas it needs to focus on, but you are not terrible. The little things matter such as moving away from SIP2 usage when you have the option to do so. 
   
Scores 30-60  
Your library is pretty secure with its data! Take a look at the few scores and see if you can turn those into zeros over the next year. 
   
Scores 0 – 20  
Congratulations for putting your library data in the most secure footing possible! Make sure to reward your library IT staff and thank your vendors for providing secure options to help protect your user data. 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s