Library Management Systems need to be secure, but just how secure? Here we highlight the complexities of security that need to be considered. This list is not exhaustive, but we feel that these security issues and points need to be considered in most cases.
1 – What data is coming into your system from external sources? Do you validate content on import and can you trust external sources, particularly digital content?
2 – Is all information the same and accessible by all? If not, you may need a granular security model to apply for user access.
3 – Where are the servers located? Is that an issue for security access or support?
4 – If your servers are located outside of your local country, is your secure data compliant with the laws of that location?
5 – Where is programming performed? If at several places, locations or even countries, what guarantees that code is what it purports to be? Who is accountable and checks this?
6 – Are you sure that your content and activity on the system are not being logged and extracted by a third party without your knowledge?
7 – How are users authenticated? Consider SAML or something similar to control who is accessing systems and with what role.
8 – When data is transferred, is it secured during transfer? For example, what devices is it located on, and are security policies in place all the way down the chain? Is data encrypted when transferred?
9 – Who checks backups and their location? How long do they stay around? Are you happy that your IT department is covering this?
10 – Are personnel (library staff) trusted not to delete information? It has been known. What is the policy for managing removal of content from the LMS? Would a backup procedure allow recovery of lost information?
So, have you ever experienced problems due to any of the above? Would this list have helped (if you had found it sooner!) or is your LMS 100% secure?
We would love to know your thoughts on how you keep your Library Management System data safe and secure.
Please Note:
Following on from this blog article, please view our General Overview of Soutron Security Standards which has been updated more recently.
Author: Graham Beastall, Former Senior Consultant and Managing Director. Graham’s background is in Accountancy, Public Administration and Organisational Theory with a deep technical understanding of databases and web technologies.