Softlink IC Blog
Subscribe to our regular updates
Are You Committing One or More of These Top 5 Security Sins?
For Knowledge and IT Staff, ensuring the security of the operating systems they use and the data they manage is their most important responsibility. From their organization’s operating systems to software like library management systems (LMS), they are all about protecting user privacy and the organization’s data.
Despite the best intentions, security gaps can result. No one is perfect and we all need help sometimes. With that in mind, Softlink IC would like to share with you what we believe are the 5 top possible security sins that could be committed!
1. Not Updating Your Software
New ways to breach security walls are increasingly inventive, and software vendors are always adding new protections. Have you been guilty of not updating your software whenever you receive update notifications?
Updating operating systems such as Windows, mobile devices, and even your browser, is essential. It is just as important to update other software used in your organizations, such as library management systems, to ensure your environment is as safe as possible.
Updates include enhancements and often include “fixes” for issues identified as a threat to your data and operating systems. They are easy to run and essential in protecting your organization from a range of attacks that can cause inconvenience, or worse, devastating loss of data.
If you use a hosting service, managing updates is taken care of automatically! For example, libraries and knowledge centres using the Liberty LMS and have contracted Softlink IC to host their system are reassured updates to Liberty are done promptly without interruption to service.
2. Not Securing Sensitive Information
Do you manage sensitive data and information? Have you ever put any information you care about in a site that isn’t marked as secure? A secure website is one that includes a padlock icon in the browser’s address. It indicates the data is encrypted.
Encryption protects data from bad actors while enabling remote access to your organization’s sensitive information by authorized users on their mobile devices. Click here for more information on encryption.
If the site doesn’t show the padlock, it’s really easy for an attacker to see everything that is sent between you and the site. Always check for the padlock!
3. Not Guarding Against Phishing
Are you on your guard for phishing emails and messages from bad actors who want you to interact or complete an action?
These types of emails and messages are not uncommon and increasingly, senders are very clever. They often use the name of a person or organization that at a brief glance, appears to be from someone you know or trust!
If you receive what appears to be a phishing email from unknown/untrusted senders:
- Forward them to your IT Department or, if it is your organization’s policy, delete them immediately to prevent the possibility of inadvertently clicking a link.
- Never open attachments or follow links. Those links don’t always take you where they say they will, and opening attachments can unleash a bad genie!
4. Not Backing up Data Regularly
Knowledge professionals are always collecting, curating, and storing data and resources. Do you back up regularly? Not backing up your data regularly is one of the most common security sins, and may result in the loss of years of data if disaster strikes!
Attacks like ransomware are about preventing you from accessing your data. A good backup strategy ensures you will always have a safe copy. It enables you to restore most data in the event of a disaster.
Your mantra should be backup, backup, backup!
5. No Strong Password Policy
A strong password policy is essential. Do you:
- Make passwords complex?
- Ensure staff change their passwords on a regular basis?
- Send them reminders when their password is about to expire with a link to change it?
Make managing password changes easier by using Single Sign On (SSO). Library Management Systems like Liberty have an SSO module that can be included with their LMS. This makes managing password security so much simpler. It means your users only need one password to log in and access your organization’s various software systems. Also, it makes managing passwords, simple, easy but no less secure!
Most of us have implemented policies that are developed to protect business operations and data. It is also true that sometimes tasks slip through the cracks, and policies are not revisited as often as we’d like. It never hurts to double check that the 5 security sins we have identified, are not evidenced in your organization. And please, if you have any questions, just contact us.
- You or Your LMS Vendor – Who Controls Your Library’s Business and Security Settings?
- Employee Spotlight – Jeff O’Keeffe
- Got Satellite Collections? Manage Them with Liberty Link
- The Softlink Scoop – Edition 03/2019
- 5 Brilliant Benefits of Liberty v5 to Whet Your Appetite
- So You Think Your Library Homepage is an Attention Grabber? Wait ‘til you Personalise it!
- Data Conversion – Why Softlink Information Centres Does it Better
- The Softlink Scoop – Edition 02/2019
- Showcasing Liberty and illumin at ALIA’s 2019 Conference
- Softlink IC’s First Liberty Virtual User Group Meetings for 2019