HR Policies & Procedures

How a Public Library Approaches Computer Security

Yesterday we learned that like an office, your local library has some serious computer security concerns. With numerous individuals using computers without direct oversight, there seems no end to the number of ways those computers might be compromised. Luckily, the library uses a system that takes care of all that, and it’s a lot more elegant than antivirus software.

To find out, we asked Katy Dillman, Development & Outreach Librarian, at the local Blackstone Library in Branford, CT, just how the devil they keep their computers secure?

Accountability

Just as with many ordinary businesses, accountability affords a certain level of protection for the computers at Blackstone. Patrons can only use a terminal via their library card or by using regularly generated guest passes. In this way, there is at least some connection between any particular computer and the user—especially if he or she uses a library card. This also helps track who needs to pay for printing, and how much time each patron is allocated for computer use. 

Additionally, while there are no software-based restrictions on Internet usage, there is a publically posted policy for Internet use. Part of their Internet use policy involves the following language, “The Library does not monitor or control the content of material available through this medium, but expects appropriate use in a public and open environment.” Appropriate use may sound vague, and it’s specifically made to, but it also means that anyone who violates that definition can be booted from using the computer.


Leaning towards BYOD policy at your workplace? The first step is to get IT involved. Check out this article, BYOD and Employee Habits—Employer Concerns.


Wipe and Restore

The major protection that the library has against security problems like accidental or willful infection by computer viruses involves their automatic wipe and restore practice. Concerning this practice, Dillman says, “We have installed software called Reboot Restore RX on all of our public terminals.” The software wipes the computer every day and then restores it to its original state. Any files, programs, or documents that were downloaded or modified throughout the day are erased.

“To make sure that no operating system files are changed during the course of the day, we have created Admin, Staff, and Patron accounts” said Dillman. Blackstone’s use of patron accounts prevents any public user from installing executable files, even if they are downloaded and restrict access to any of the real nuts and bolts of the computer’s software. In this way, no matter what the average user manages to do to the computer during the day or at night, all is well—after a useful reboot and restore.

Data Security

With personal data being stolen on a regular basis and used by hackers to create illegal identification, ruin credit, or clean out bank accounts, it’s more imperative than ever to come up with a solution. On this topic, Dillman says that while the security of individuals’ data is important and a priority, “it is up to the user to determine how secure their own data must be, and to take appropriate steps to secure the data.”

Even if a user leaves any files or personal data on the computer, it will only remain until that night when the machine wipes itself. This does limit the risk to those who use their personal information on the public computers. Additionally, Dillman says, “For a user working with sensitive data, they can request that we reboot the computer after their session, ensuring their data is wiped clean, and we are happy to comply.”

Imagine using a wipe and restore system along with various types of account access at your business. Sure, newly created or modified files would have to live on the cloud to avoid being destroyed, but then again, the security of your computers would be reset to perfect at the end of every day. That is something to think about.

Speaking of security, have you implemented (or are you considering implementing) a Bring Your Own Device (BYOD) policy? There are a lot of pros and cons to such a policy. Read all about them in the article BYOD and Employee Habits—Employer Concerns, available on BLR’s new IT Daily Advisor.


There are a lot of ups and downs when it comes to a BYOD policy. Read this article to learn what they are, as well as some best practices.


BLR’s recently launched IT Daily Advisor is all about getting the latest in IT best practices, ideas, and surveys to you.

We at BLR would appreciate it if you shared this email with your IT department.

The new IT Daily Advisorcovers IT oriented topics like:

  • Strategy
  • Security
  • Management and Finances
  • Help Desk Administration
  • Asset Management
  • And much more!

Learn more now