SlideShare a Scribd company logo

Carver-IT Security for Librarians

โ€ข
โ€ข
National Information Standards Organization (NISO)
National Information Standards Organization (NISO)

This talk was provided by Blake Carver of LYRASIS during the NISO Webinar, Digital Security: Securing Library Systems, held on Wednesday, November 9, 2016

Education
1 of 50
Download to read offline
IT Security For Librarians Blake Carver LYRASIS Systems Administrator
Everything You Need To Know Use Good Passwords Stay Paranoid & Vigilant Use Routine Backups Keep Everything Patched / Updated Think Before You Share Or Connect Intro
Other Things Passwords are Key ALL Software Has Flaws Security Is Complicated Everyone Plays A Part
If Vs. When Somethings are IFs, somethings are WHENs Some things are Likely Some things Possible
โ— โ— โ— โ— โ— โ— โ— โ— Bad Guys? Hackers? Crackers? Criminals? Intro
โ— โ— โ— โ— โ— โ— โ— โ— Security Cyber Security? IT Security? Safety? Information Security? Information Literacy? The Digital Divide? Intro
โ€œSecurity is two different things: It's a feeling & It's a reality โ€ Bruce Schneier โ€“ TedxPSU Intro
Security isnโ€™t either/or Secure Or Vulnerable Intro
Security & Privacy are, Getting Better, But they're Getting Worse FasterIntro
Why does this keep happening? The Internet was built for openness and speed More Things Online โ€“ More Targets Old, out-of-date systems and budget shortfalls New poorly designed systems Surveillance is the business of the Internet
Vulnerabilities โ— โ— โ— โ— โ— โ— โ— โ— Intro The vulnerability can be exploited remotely Used without any account credentials Not easily noticed or repaired The attack can be used, reused and scaled Chained and used with other common vulnerabilities
Why? Professionals Intro
And Everyone Else
Bad Guys Skill Focus Tools Time Training
ALL the tools and attacks only ever get bigger better faster stronger cheaper easier and more common.
Not much of this crime is new Automation Distance "Technique Propagation" (โ€œOnly the first attacker has to be skilled; everyone else can use his software.โ€) Intro
The technology of the internet makes the bad guys vastly more efficient. Intro
It's Safe Behind The Keyboard Hacking is a really safe crime. Comparatively. To other real life crime
Intro
Where Are They Working? โ€ข Social Networks โ€ข Search Engines โ€ข Advertising โ€ข Email โ€ข Web Sites โ€ข Web Servers โ€ข Home Computers โ€ข Mobile Devices Intro
This is the work of a rogue industry, not a roguish teenager Intro
What Are They After? โ€ข PINs โ€ข Passwords โ€ข Credit Cards โ€ข Bank Accounts โ€ข Usernames โ€ข Contact Lists โ€ข Emails โ€ข Phone Numbers โ€ข Your Hardware... Intro
http://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/?utm_source=feedburn
Personal information is the currency of the underground economy Intro
Personal information is the currency of the entire Internet economy Intro
What's It Worth?Credit Cards: $5-$30 Basic or โ€œRandomโ€$5-$8 With Bank ID# $15 With Date of Birth $15 With Fullzinfo $30 Payment service accounts: $20-$300 containing from US$400 to $1,000 between $20 and $50 containing from $5,000 to $8,000 range from $200 to $300 Bank login credentials: $190-$500 A $2,200 balance account selling for $190. $500 for a $6,000 account balance, to $1,200 for a $20,000 account balance Online premium content services: $.55-$15 Online video streaming($0.25 to $1) premium cable channel streaming services ($7.50) premium comic book services ($0.55) professional sports streaming ($15) Loyalty, community accounts: $20-$1400 A major hotel brand loyalty account with 100,000 points for sale for $20 An online auction community account with high reputation marks priced at $1,400 "The Hidden Data Economy" study by MacAfee October 2015
http://www.symantec.com/connect/blogs/netflix-malware-and-phishing-campaigns-help-build-emerging-black-market
"None of this is about being "unhackable"; itโ€™s about making the difficulty of doing so not worth the effort." Intro
Intro
https://www.teachprivacy.com/the-health-data-breach-and-id-theft-epidemic/
Think Differentโ€ฆ Have A Hacker Mindset Have A Security Mindset Intro
Building a Defensible Library Lock Things Down Grant Least Privilege Whitelisting - Patches โ€“ Limit Admins Threat Modeling Everything With An IP Address Matters Training New Instincts Never Without The WHY
Libraries Live Below The Security Poverty Line(Wendy Nather) We simply can't afford to reach a great level of security Few or no IT People Few or no Security People Hard to keep up with technology and security Maintenance, planning, strategy are 2nd to OMG Depend on consultants, vendors, family, patrons, friends, volunteers, etc...
What Does A Library Need To Protect? OPAC / ILS Staff Computers Databases Printers / Copiers Website Servers Backups Printers Cameras Wi-Fi Routers Routers Cell Phones Ipads Laptops
Things (The IoT) โ— Security is an afterthought. โ— The lack of security education by most of the stakeholders โ— The lack of security education by consumers โ— Security is a cost center โ— Security makes things more expensive โ— Security makes things hard to use
Locking Down Computers โ€ข Patching and Updating โ€“OS and *ALL* Applications โ€ข Whitelisting โ€ข BIOS passwords โ€ข SteadyState / DeepFreeze / SmartShield โ€ข Check for USB additions โ€ข Admin โ€ข Donโ€™t use Windows? โ€ข Donโ€™t use IE? IT Security For Libraries
Donโ€™t Forget โ€ข Check the internet for usernames/passwords for your library (e.g. pastebin.com) โ€ข HTTPS โ€ข Is your domain name going to expire? โ€ข Is you SSL Cert going to expire? โ€ข Typo Squatters? IT Security For Libraries
Thumb Drives
http://www.pewinternet.org/files/2015/09/2015-09-15_libraries_FINAL.pdf Offer Training At Your Library
The correlation between effort & results is questionable You could have no security and be lucky. You could have great security and just get really unlucky and have a determined hacker.
Do something to make the bad guys job harder
Perfect is the enemy of the Good
Remember: This about your libraryโ€™s security and protecting your libraryโ€™s brand and reputation and your patrons. The only way this can happen is if security and risk management become regular parts of library conversation.
Everything You Need To Know Use Great Passwords Strong (Long, Complex) Unique Stay Paranoid & Vigilant Never Trust Anything or Anyone Always Double Check Think Before You Click Use Routine Backups Keep Everything Patched / Updated Think Before You Share Intro
Building a Defensible Library Lock Things Down Grant Least Privilege Whitelisting - Patches โ€“ Limit Admins Threat Modeling Everything With An IP Address Matters Training New Instincts Never Without The WHY
IT Security For Librarians Blake Carver LYRASIS Systems Administrator

Recommended

Carver IT Security for Librarians
Carver IT Security for LibrariansCarver IT Security for Librarians
Carver IT Security for Librarians
National Information Standards Organization (NISO)
ย 
Goans-Helms-IT Security at Georgia Tech Library
Goans-Helms-IT Security at Georgia Tech LibraryGoans-Helms-IT Security at Georgia Tech Library
Goans-Helms-IT Security at Georgia Tech Library
National Information Standards Organization (NISO)
ย 
Ayala mar23
Ayala mar23Ayala mar23
Ayala mar23
National Information Standards Organization (NISO)
ย 
An Introduction To IT Security And Privacy - Servers And More
An Introduction To IT Security And Privacy - Servers And MoreAn Introduction To IT Security And Privacy - Servers And More
An Introduction To IT Security And Privacy - Servers And More
Blake Carver
ย 
Security & Compliance: Core Concepts Explained
Security & Compliance: Core Concepts ExplainedSecurity & Compliance: Core Concepts Explained
Security & Compliance: Core Concepts Explained
Alan Eardley
ย 
Hacking Mobile Apps
Hacking Mobile AppsHacking Mobile Apps
Hacking Mobile Apps
Sophos Benelux
ย 
Logs vs Insiders
Logs vs InsidersLogs vs Insiders
Logs vs Insiders
Anton Chuvakin
ย 
Ransomware ly
Ransomware lyRansomware ly
Ransomware ly
Lisa Young
ย 

Recommended

Carver IT Security for Librarians
Carver IT Security for LibrariansCarver IT Security for Librarians
Carver IT Security for Librarians
National Information Standards Organization (NISO)
ย 
Goans-Helms-IT Security at Georgia Tech Library
Goans-Helms-IT Security at Georgia Tech LibraryGoans-Helms-IT Security at Georgia Tech Library
Goans-Helms-IT Security at Georgia Tech Library
National Information Standards Organization (NISO)
ย 
Ayala mar23
Ayala mar23Ayala mar23
Ayala mar23
National Information Standards Organization (NISO)
ย 
An Introduction To IT Security And Privacy - Servers And More
An Introduction To IT Security And Privacy - Servers And MoreAn Introduction To IT Security And Privacy - Servers And More
An Introduction To IT Security And Privacy - Servers And More
Blake Carver
ย 
Security & Compliance: Core Concepts Explained
Security & Compliance: Core Concepts ExplainedSecurity & Compliance: Core Concepts Explained
Security & Compliance: Core Concepts Explained
Alan Eardley
ย 
Hacking Mobile Apps
Hacking Mobile AppsHacking Mobile Apps
Hacking Mobile Apps
Sophos Benelux
ย 
Logs vs Insiders
Logs vs InsidersLogs vs Insiders
Logs vs Insiders
Anton Chuvakin
ย 
Ransomware ly
Ransomware lyRansomware ly
Ransomware ly
Lisa Young
ย 
Security best practices for regular users
Security best practices for regular usersSecurity best practices for regular users
Security best practices for regular users
Geoffrey Vaughan
ย 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008
Jim Geovedi
ย 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)
Cyber Security Infotech
ย 
Threat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private LimitedThreat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private Limited
Falgun Rathod
ย 
Information security awareness training
Information security awareness trainingInformation security awareness training
Information security awareness training
Sandeep Taileng
ย 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security Threats
NCC Group
ย 
Security Audit
Security AuditSecurity Audit
Security Audit
Nicholas Davis
ย 
Information security presentation
Information security presentationInformation security presentation
Information security presentation
HK IT solutions... unlimited...
ย 
TYPES OF HACKING
TYPES OF HACKINGTYPES OF HACKING
TYPES OF HACKING
SHERALI445
ย 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
Atlantic Training, LLC.
ย 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1
Kabul Education University
ย 
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Aaron Hnatiw
ย 
Data Classification And Loss Prevention
Data Classification And Loss PreventionData Classification And Loss Prevention
Data Classification And Loss Prevention
Nicholas Davis
ย 
Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss Prevention
Nicholas Davis
ย 
Cybersecurity for CRM v0219-3
Cybersecurity for CRM v0219-3Cybersecurity for CRM v0219-3
Cybersecurity for CRM v0219-3
Caston Thomas
ย 
Owasp Mobile Top 10 โ€“ 2014
Owasp Mobile Top 10 โ€“ 2014Owasp Mobile Top 10 โ€“ 2014
Owasp Mobile Top 10 โ€“ 2014
n|u - The Open Security Community
ย 
Hacking
HackingHacking
Hacking
Jay Janodia
ย 
ILTA Product Briefing: How are your users sharing confidential information?
ILTA Product Briefing: How are your users sharing confidential information? ILTA Product Briefing: How are your users sharing confidential information?
ILTA Product Briefing: How are your users sharing confidential information?
TitanFile
ย 
Competitive cyber security
Competitive cyber securityCompetitive cyber security
Competitive cyber security
William Mathews
ย 
Lavignino Do You Know Your Privacy Risks
Lavignino Do You Know Your Privacy RisksLavignino Do You Know Your Privacy Risks
Lavignino Do You Know Your Privacy Risks
National Information Standards Organization (NISO)
ย 
Chris Shillum: Overview of the RA21 proejct presentation
Chris Shillum: Overview of the RA21 proejct presentationChris Shillum: Overview of the RA21 proejct presentation
Chris Shillum: Overview of the RA21 proejct presentation
National Information Standards Organization (NISO)
ย 
Carpenter: Getting Access Control from Here to There
Carpenter: Getting Access Control from Here to ThereCarpenter: Getting Access Control from Here to There
Carpenter: Getting Access Control from Here to There
National Information Standards Organization (NISO)
ย 

More Related Content

What's hot

Security best practices for regular users
Security best practices for regular usersSecurity best practices for regular users
Security best practices for regular users
Geoffrey Vaughan
ย 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008
Jim Geovedi
ย 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)
Cyber Security Infotech
ย 
Threat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private LimitedThreat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private Limited
Falgun Rathod
ย 
Information security awareness training
Information security awareness trainingInformation security awareness training
Information security awareness training
Sandeep Taileng
ย 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security Threats
NCC Group
ย 
Security Audit
Security AuditSecurity Audit
Security Audit
Nicholas Davis
ย 
Information security presentation
Information security presentationInformation security presentation
Information security presentation
HK IT solutions... unlimited...
ย 
TYPES OF HACKING
TYPES OF HACKINGTYPES OF HACKING
TYPES OF HACKING
SHERALI445
ย 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
Atlantic Training, LLC.
ย 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1
Kabul Education University
ย 
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Aaron Hnatiw
ย 
Data Classification And Loss Prevention
Data Classification And Loss PreventionData Classification And Loss Prevention
Data Classification And Loss Prevention
Nicholas Davis
ย 
Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss Prevention
Nicholas Davis
ย 
Cybersecurity for CRM v0219-3
Cybersecurity for CRM v0219-3Cybersecurity for CRM v0219-3
Cybersecurity for CRM v0219-3
Caston Thomas
ย 
Owasp Mobile Top 10 โ€“ 2014
Owasp Mobile Top 10 โ€“ 2014Owasp Mobile Top 10 โ€“ 2014
Owasp Mobile Top 10 โ€“ 2014
n|u - The Open Security Community
ย 
Hacking
HackingHacking
Hacking
Jay Janodia
ย 
ILTA Product Briefing: How are your users sharing confidential information?
ILTA Product Briefing: How are your users sharing confidential information? ILTA Product Briefing: How are your users sharing confidential information?
ILTA Product Briefing: How are your users sharing confidential information?
TitanFile
ย 
Competitive cyber security
Competitive cyber securityCompetitive cyber security
Competitive cyber security
William Mathews
ย 

What's hot (19)

Security best practices for regular users
Security best practices for regular usersSecurity best practices for regular users
Security best practices for regular users
ย 
Hacking Cracking 2008
Hacking Cracking 2008Hacking Cracking 2008
Hacking Cracking 2008
ย 
Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)Cyber security awareness training by cyber security infotech(csi)
Cyber security awareness training by cyber security infotech(csi)
ย 
Threat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private LimitedThreat Hunting by Falgun Rathod - Cyber Octet Private Limited
Threat Hunting by Falgun Rathod - Cyber Octet Private Limited
ย 
Information security awareness training
Information security awareness trainingInformation security awareness training
Information security awareness training
ย 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security Threats
ย 
Security Audit
Security AuditSecurity Audit
Security Audit
ย 
Information security presentation
Information security presentationInformation security presentation
Information security presentation
ย 
TYPES OF HACKING
TYPES OF HACKINGTYPES OF HACKING
TYPES OF HACKING
ย 
Information Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn HospitalInformation Security Awareness Training by Mount Auburn Hospital
Information Security Awareness Training by Mount Auburn Hospital
ย 
Cyber security # Lec 1
Cyber security # Lec 1Cyber security # Lec 1
Cyber security # Lec 1
ย 
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017
ย 
Data Classification And Loss Prevention
Data Classification And Loss PreventionData Classification And Loss Prevention
Data Classification And Loss Prevention
ย 
Lecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss PreventionLecture Data Classification And Data Loss Prevention
Lecture Data Classification And Data Loss Prevention
ย 
Cybersecurity for CRM v0219-3
Cybersecurity for CRM v0219-3Cybersecurity for CRM v0219-3
Cybersecurity for CRM v0219-3
ย 
Owasp Mobile Top 10 โ€“ 2014
Owasp Mobile Top 10 โ€“ 2014Owasp Mobile Top 10 โ€“ 2014
Owasp Mobile Top 10 โ€“ 2014
ย 
Hacking
HackingHacking
Hacking
ย 
ILTA Product Briefing: How are your users sharing confidential information?
ILTA Product Briefing: How are your users sharing confidential information? ILTA Product Briefing: How are your users sharing confidential information?
ILTA Product Briefing: How are your users sharing confidential information?
ย 
Competitive cyber security
Competitive cyber securityCompetitive cyber security
Competitive cyber security
ย 

Viewers also liked

Lavignino Do You Know Your Privacy Risks
Lavignino Do You Know Your Privacy RisksLavignino Do You Know Your Privacy Risks
Lavignino Do You Know Your Privacy Risks
National Information Standards Organization (NISO)
ย 
Chris Shillum: Overview of the RA21 proejct presentation
Chris Shillum: Overview of the RA21 proejct presentationChris Shillum: Overview of the RA21 proejct presentation
Chris Shillum: Overview of the RA21 proejct presentation
National Information Standards Organization (NISO)
ย 
Carpenter: Getting Access Control from Here to There
Carpenter: Getting Access Control from Here to ThereCarpenter: Getting Access Control from Here to There
Carpenter: Getting Access Control from Here to There
National Information Standards Organization (NISO)
ย 
Presentation of NISO Altmetrics RP - Charleston Library Conference
Presentation of NISO Altmetrics RP - Charleston Library ConferencePresentation of NISO Altmetrics RP - Charleston Library Conference
Presentation of NISO Altmetrics RP - Charleston Library Conference
National Information Standards Organization (NISO)
ย 
Ralph Youngen: Evolving Identity & Access Management at ACS Presentation
Ralph Youngen: Evolving Identity & Access Management at ACS PresentationRalph Youngen: Evolving Identity & Access Management at ACS Presentation
Ralph Youngen: Evolving Identity & Access Management at ACS Presentation
National Information Standards Organization (NISO)
ย 
Madsen Digital Preservation Policy & Strategy
Madsen Digital Preservation Policy & StrategyMadsen Digital Preservation Policy & Strategy
Madsen Digital Preservation Policy & Strategy
National Information Standards Organization (NISO)
ย 
VanDyck Long-Term Preservation of Digital Scholarly Literature
VanDyck Long-Term Preservation of Digital Scholarly LiteratureVanDyck Long-Term Preservation of Digital Scholarly Literature
VanDyck Long-Term Preservation of Digital Scholarly Literature
National Information Standards Organization (NISO)
ย 
Ferrante Durable Access to Digital Primary Sources
Ferrante Durable Access to Digital Primary SourcesFerrante Durable Access to Digital Primary Sources
Ferrante Durable Access to Digital Primary Sources
National Information Standards Organization (NISO)
ย 
Wittenberg Portico: Lessons From a Community Supported Archive
Wittenberg Portico: Lessons From a Community Supported ArchiveWittenberg Portico: Lessons From a Community Supported Archive
Wittenberg Portico: Lessons From a Community Supported Archive
National Information Standards Organization (NISO)
ย 
Wheeler & Benedict -- Enabling the Preservation Relay
Wheeler & Benedict -- Enabling the Preservation RelayWheeler & Benedict -- Enabling the Preservation Relay
Wheeler & Benedict -- Enabling the Preservation Relay
National Information Standards Organization (NISO)
ย 
Goethals Harvard Library's Digital Preservation Repository
Goethals Harvard Library's Digital Preservation RepositoryGoethals Harvard Library's Digital Preservation Repository
Goethals Harvard Library's Digital Preservation Repository
National Information Standards Organization (NISO)
ย 
Waraksa Digital Library of the Middle East
Waraksa Digital Library of the Middle EastWaraksa Digital Library of the Middle East
Waraksa Digital Library of the Middle East
National Information Standards Organization (NISO)
ย 
Herdrich -The Digital Library of the Middle East (DLME)
Herdrich -The Digital Library of the Middle East (DLME)Herdrich -The Digital Library of the Middle East (DLME)
Herdrich -The Digital Library of the Middle East (DLME)
National Information Standards Organization (NISO)
ย 
Lโ€™acquisition dโ€™un outil de dรฉcouverte_Expรฉrience de l'Universitรฉ Sherbrooke_...
Lโ€™acquisition dโ€™un outil de dรฉcouverte_Expรฉrience de l'Universitรฉ Sherbrooke_...Lโ€™acquisition dโ€™un outil de dรฉcouverte_Expรฉrience de l'Universitรฉ Sherbrooke_...
Lโ€™acquisition dโ€™un outil de dรฉcouverte_Expรฉrience de l'Universitรฉ Sherbrooke_...nst2011
ย 
Kettler Information Digitization in the Humanities
Kettler Information Digitization in the HumanitiesKettler Information Digitization in the Humanities
Kettler Information Digitization in the Humanities
National Information Standards Organization (NISO)
ย 
Gonzalez Creating a Digital Makerspace
Gonzalez Creating a Digital MakerspaceGonzalez Creating a Digital Makerspace
Gonzalez Creating a Digital Makerspace
National Information Standards Organization (NISO)
ย 
Neylon From Principles to Action
Neylon From Principles to ActionNeylon From Principles to Action
Neylon From Principles to Action
National Information Standards Organization (NISO)
ย 
Viggio Open VIVO
Viggio Open VIVOViggio Open VIVO
Viggio Open VIVO
National Information Standards Organization (NISO)
ย 
Baraniuk public-openstax
Baraniuk public-openstaxBaraniuk public-openstax
Baraniuk public-openstax
National Information Standards Organization (NISO)
ย 
Weisberg - Museums and the Internet of Things
Weisberg - Museums and the Internet of ThingsWeisberg - Museums and the Internet of Things
Weisberg - Museums and the Internet of Things
National Information Standards Organization (NISO)
ย 

Viewers also liked (20)

Lavignino Do You Know Your Privacy Risks
Lavignino Do You Know Your Privacy RisksLavignino Do You Know Your Privacy Risks
Lavignino Do You Know Your Privacy Risks
ย 
Chris Shillum: Overview of the RA21 proejct presentation
Chris Shillum: Overview of the RA21 proejct presentationChris Shillum: Overview of the RA21 proejct presentation
Chris Shillum: Overview of the RA21 proejct presentation
ย 
Carpenter: Getting Access Control from Here to There
Carpenter: Getting Access Control from Here to ThereCarpenter: Getting Access Control from Here to There
Carpenter: Getting Access Control from Here to There
ย 
Presentation of NISO Altmetrics RP - Charleston Library Conference
Presentation of NISO Altmetrics RP - Charleston Library ConferencePresentation of NISO Altmetrics RP - Charleston Library Conference
Presentation of NISO Altmetrics RP - Charleston Library Conference
ย 
Ralph Youngen: Evolving Identity & Access Management at ACS Presentation
Ralph Youngen: Evolving Identity & Access Management at ACS PresentationRalph Youngen: Evolving Identity & Access Management at ACS Presentation
Ralph Youngen: Evolving Identity & Access Management at ACS Presentation
ย 
Madsen Digital Preservation Policy & Strategy
Madsen Digital Preservation Policy & StrategyMadsen Digital Preservation Policy & Strategy
Madsen Digital Preservation Policy & Strategy
ย 
VanDyck Long-Term Preservation of Digital Scholarly Literature
VanDyck Long-Term Preservation of Digital Scholarly LiteratureVanDyck Long-Term Preservation of Digital Scholarly Literature
VanDyck Long-Term Preservation of Digital Scholarly Literature
ย 
Ferrante Durable Access to Digital Primary Sources
Ferrante Durable Access to Digital Primary SourcesFerrante Durable Access to Digital Primary Sources
Ferrante Durable Access to Digital Primary Sources
ย 
Wittenberg Portico: Lessons From a Community Supported Archive
Wittenberg Portico: Lessons From a Community Supported ArchiveWittenberg Portico: Lessons From a Community Supported Archive
Wittenberg Portico: Lessons From a Community Supported Archive
ย 
Wheeler & Benedict -- Enabling the Preservation Relay
Wheeler & Benedict -- Enabling the Preservation RelayWheeler & Benedict -- Enabling the Preservation Relay
Wheeler & Benedict -- Enabling the Preservation Relay
ย 
Goethals Harvard Library's Digital Preservation Repository
Goethals Harvard Library's Digital Preservation RepositoryGoethals Harvard Library's Digital Preservation Repository
Goethals Harvard Library's Digital Preservation Repository
ย 
Waraksa Digital Library of the Middle East
Waraksa Digital Library of the Middle EastWaraksa Digital Library of the Middle East
Waraksa Digital Library of the Middle East
ย 
Herdrich -The Digital Library of the Middle East (DLME)
Herdrich -The Digital Library of the Middle East (DLME)Herdrich -The Digital Library of the Middle East (DLME)
Herdrich -The Digital Library of the Middle East (DLME)
ย 
Lโ€™acquisition dโ€™un outil de dรฉcouverte_Expรฉrience de l'Universitรฉ Sherbrooke_...
Lโ€™acquisition dโ€™un outil de dรฉcouverte_Expรฉrience de l'Universitรฉ Sherbrooke_...Lโ€™acquisition dโ€™un outil de dรฉcouverte_Expรฉrience de l'Universitรฉ Sherbrooke_...
Lโ€™acquisition dโ€™un outil de dรฉcouverte_Expรฉrience de l'Universitรฉ Sherbrooke_...
ย 
Kettler Information Digitization in the Humanities
Kettler Information Digitization in the HumanitiesKettler Information Digitization in the Humanities
Kettler Information Digitization in the Humanities
ย 
Gonzalez Creating a Digital Makerspace
Gonzalez Creating a Digital MakerspaceGonzalez Creating a Digital Makerspace
Gonzalez Creating a Digital Makerspace
ย 
Neylon From Principles to Action
Neylon From Principles to ActionNeylon From Principles to Action
Neylon From Principles to Action
ย 
Viggio Open VIVO
Viggio Open VIVOViggio Open VIVO
Viggio Open VIVO
ย 
Baraniuk public-openstax
Baraniuk public-openstaxBaraniuk public-openstax
Baraniuk public-openstax
ย 
Weisberg - Museums and the Internet of Things
Weisberg - Museums and the Internet of ThingsWeisberg - Museums and the Internet of Things
Weisberg - Museums and the Internet of Things
ย 

Similar to Carver-IT Security for Librarians

Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
Gabor Szathmari
ย 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
amiinaaa
ย 
Users awarness programme for Online Privacy
Users awarness programme for Online PrivacyUsers awarness programme for Online Privacy
Users awarness programme for Online Privacy
Kazi Sarwar Hossain
ย 
An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries
Blake Carver
ย 
Data Protection, Humans and Common Sense
Data Protection, Humans and Common SenseData Protection, Humans and Common Sense
Data Protection, Humans and Common Sense
usbcopynotify
ย 
Cyber security for small businesses
Cyber security for small businessesCyber security for small businesses
Cyber security for small businesses
B2BPlanner Ltd.
ย 
Crush Common Cybersecurity Threats with Privilege Access Management
Crush Common Cybersecurity Threats with Privilege Access ManagementCrush Common Cybersecurity Threats with Privilege Access Management
Crush Common Cybersecurity Threats with Privilege Access Management
BeyondTrust
ย 
Security 101 for No- techies
Security 101 for No- techiesSecurity 101 for No- techies
Security 101 for No- techies
Brenton Johnson
ย 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
OoXair
ย 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
MansoorAhmed57263
ย 
Secure Coding - Are we doing it wrong
Secure Coding - Are we doing it wrongSecure Coding - Are we doing it wrong
Secure Coding - Are we doing it wrong
bryns
ย 
Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....
Abzetdin Adamov
ย 
Keeping you and your library safe and secure
Keeping you and your library safe and secureKeeping you and your library safe and secure
Keeping you and your library safe and secure
LYRASIS
ย 
Protecting Your Privacy: Cyberspace Security, Real World Safety
Protecting Your Privacy: Cyberspace Security, Real World SafetyProtecting Your Privacy: Cyberspace Security, Real World Safety
Protecting Your Privacy: Cyberspace Security, Real World Safety
AEGILITY
ย 
An Introduction To IT Security And Privacy In Libraries & Anywhere
An Introduction To IT Security And Privacy In Libraries & AnywhereAn Introduction To IT Security And Privacy In Libraries & Anywhere
An Introduction To IT Security And Privacy In Libraries & Anywhere
Blake Carver
ย 
7 Small Business Security Tips
7 Small Business Security Tips7 Small Business Security Tips
7 Small Business Security Tips
Infusionsoft
ย 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and students
Rayane Hazimeh
ย 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and students
Rayane Hazimeh
ย 
Building Trust in the Digital Age
Building Trust in the Digital AgeBuilding Trust in the Digital Age
Building Trust in the Digital Age
Marian Merritt
ย 
Office 365 Security Features That Nonprofits Should Know and Use
Office 365 Security Features That Nonprofits Should Know and UseOffice 365 Security Features That Nonprofits Should Know and Use
Office 365 Security Features That Nonprofits Should Know and Use
TechSoup
ย 

Similar to Carver-IT Security for Librarians (20)

Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
ย 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
ย 
Users awarness programme for Online Privacy
Users awarness programme for Online PrivacyUsers awarness programme for Online Privacy
Users awarness programme for Online Privacy
ย 
An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries An Introduction To IT Security And Privacy In Libraries
An Introduction To IT Security And Privacy In Libraries
ย 
Data Protection, Humans and Common Sense
Data Protection, Humans and Common SenseData Protection, Humans and Common Sense
Data Protection, Humans and Common Sense
ย 
Cyber security for small businesses
Cyber security for small businessesCyber security for small businesses
Cyber security for small businesses
ย 
Crush Common Cybersecurity Threats with Privilege Access Management
Crush Common Cybersecurity Threats with Privilege Access ManagementCrush Common Cybersecurity Threats with Privilege Access Management
Crush Common Cybersecurity Threats with Privilege Access Management
ย 
Security 101 for No- techies
Security 101 for No- techiesSecurity 101 for No- techies
Security 101 for No- techies
ย 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
ย 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
ย 
Secure Coding - Are we doing it wrong
Secure Coding - Are we doing it wrongSecure Coding - Are we doing it wrong
Secure Coding - Are we doing it wrong
ย 
Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....
ย 
Keeping you and your library safe and secure
Keeping you and your library safe and secureKeeping you and your library safe and secure
Keeping you and your library safe and secure
ย 
Protecting Your Privacy: Cyberspace Security, Real World Safety
Protecting Your Privacy: Cyberspace Security, Real World SafetyProtecting Your Privacy: Cyberspace Security, Real World Safety
Protecting Your Privacy: Cyberspace Security, Real World Safety
ย 
An Introduction To IT Security And Privacy In Libraries & Anywhere
An Introduction To IT Security And Privacy In Libraries & AnywhereAn Introduction To IT Security And Privacy In Libraries & Anywhere
An Introduction To IT Security And Privacy In Libraries & Anywhere
ย 
7 Small Business Security Tips
7 Small Business Security Tips7 Small Business Security Tips
7 Small Business Security Tips
ย 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and students
ย 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and students
ย 
Building Trust in the Digital Age
Building Trust in the Digital AgeBuilding Trust in the Digital Age
Building Trust in the Digital Age
ย 
Office 365 Security Features That Nonprofits Should Know and Use
Office 365 Security Features That Nonprofits Should Know and UseOffice 365 Security Features That Nonprofits Should Know and Use
Office 365 Security Features That Nonprofits Should Know and Use
ย 

More from National Information Standards Organization (NISO)

Jemison, MacLaughlin, and Majumder "Broadening Pathways for Editors and Authors"
Jemison, MacLaughlin, and Majumder "Broadening Pathways for Editors and Authors"Jemison, MacLaughlin, and Majumder "Broadening Pathways for Editors and Authors"
Jemison, MacLaughlin, and Majumder "Broadening Pathways for Editors and Authors"
National Information Standards Organization (NISO)
ย 
Benner "Expanding Pathways to Publishing Careers"
Benner "Expanding Pathways to Publishing Careers"Benner "Expanding Pathways to Publishing Careers"
Benner "Expanding Pathways to Publishing Careers"
National Information Standards Organization (NISO)
ย 
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
National Information Standards Organization (NISO)
ย 
Mattingly "AI & Prompt Design: Limitations and Solutions with LLMs"
Mattingly "AI & Prompt Design: Limitations and Solutions with LLMs"Mattingly "AI & Prompt Design: Limitations and Solutions with LLMs"
Mattingly "AI & Prompt Design: Limitations and Solutions with LLMs"
National Information Standards Organization (NISO)
ย 
Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"
Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"
Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"
National Information Standards Organization (NISO)
ย 
Mattingly "AI and Prompt Design: LLMs with NER"
Mattingly "AI and Prompt Design: LLMs with NER"Mattingly "AI and Prompt Design: LLMs with NER"
Mattingly "AI and Prompt Design: LLMs with NER"
National Information Standards Organization (NISO)
ย 
Mattingly "AI & Prompt Design: Named Entity Recognition"
Mattingly "AI & Prompt Design: Named Entity Recognition"Mattingly "AI & Prompt Design: Named Entity Recognition"
Mattingly "AI & Prompt Design: Named Entity Recognition"
National Information Standards Organization (NISO)
ย 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
National Information Standards Organization (NISO)
ย 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
National Information Standards Organization (NISO)
ย 
Bazargan "NISO Webinar, Sustainability in Publishing"
Bazargan "NISO Webinar, Sustainability in Publishing"Bazargan "NISO Webinar, Sustainability in Publishing"
Bazargan "NISO Webinar, Sustainability in Publishing"
National Information Standards Organization (NISO)
ย 
Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"
National Information Standards Organization (NISO)
ย 
Compton "NISO Webinar, Sustainability in Publishing"
Compton "NISO Webinar, Sustainability in Publishing"Compton "NISO Webinar, Sustainability in Publishing"
Compton "NISO Webinar, Sustainability in Publishing"
National Information Standards Organization (NISO)
ย 
Mattingly "AI & Prompt Design: Large Language Models"
Mattingly "AI & Prompt Design: Large Language Models"Mattingly "AI & Prompt Design: Large Language Models"
Mattingly "AI & Prompt Design: Large Language Models"
National Information Standards Organization (NISO)
ย 
Hazen, Morse, and Varnum "Spring 2024 ODI Conformance Statement Workshop for ...
Hazen, Morse, and Varnum "Spring 2024 ODI Conformance Statement Workshop for ...Hazen, Morse, and Varnum "Spring 2024 ODI Conformance Statement Workshop for ...
Hazen, Morse, and Varnum "Spring 2024 ODI Conformance Statement Workshop for ...
National Information Standards Organization (NISO)
ย 
Mattingly "AI & Prompt Design" - Introduction to Machine Learning"
Mattingly "AI & Prompt Design" - Introduction to Machine Learning"Mattingly "AI & Prompt Design" - Introduction to Machine Learning"
Mattingly "AI & Prompt Design" - Introduction to Machine Learning"
National Information Standards Organization (NISO)
ย 
Mattingly "Text and Data Mining: Building Data Driven Applications"
Mattingly "Text and Data Mining: Building Data Driven Applications"Mattingly "Text and Data Mining: Building Data Driven Applications"
Mattingly "Text and Data Mining: Building Data Driven Applications"
National Information Standards Organization (NISO)
ย 
Mattingly "Text and Data Mining: Searching Vectors"
Mattingly "Text and Data Mining: Searching Vectors"Mattingly "Text and Data Mining: Searching Vectors"
Mattingly "Text and Data Mining: Searching Vectors"
National Information Standards Organization (NISO)
ย 
Mattingly "Text Mining Techniques"
Mattingly "Text Mining Techniques"Mattingly "Text Mining Techniques"
Mattingly "Text Mining Techniques"
National Information Standards Organization (NISO)
ย 
Mattingly "Text Processing for Library Data: Representing Text as Data"
Mattingly "Text Processing for Library Data: Representing Text as Data"Mattingly "Text Processing for Library Data: Representing Text as Data"
Mattingly "Text Processing for Library Data: Representing Text as Data"
National Information Standards Organization (NISO)
ย 
Carpenter "Designing NISO's New Strategic Plan: 2023-2026"
Carpenter "Designing NISO's New Strategic Plan: 2023-2026"Carpenter "Designing NISO's New Strategic Plan: 2023-2026"
Carpenter "Designing NISO's New Strategic Plan: 2023-2026"
National Information Standards Organization (NISO)
ย 

More from National Information Standards Organization (NISO) (20)

Jemison, MacLaughlin, and Majumder "Broadening Pathways for Editors and Authors"
Jemison, MacLaughlin, and Majumder "Broadening Pathways for Editors and Authors"Jemison, MacLaughlin, and Majumder "Broadening Pathways for Editors and Authors"
Jemison, MacLaughlin, and Majumder "Broadening Pathways for Editors and Authors"
ย 
Benner "Expanding Pathways to Publishing Careers"
Benner "Expanding Pathways to Publishing Careers"Benner "Expanding Pathways to Publishing Careers"
Benner "Expanding Pathways to Publishing Careers"
ย 
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
ย 
Mattingly "AI & Prompt Design: Limitations and Solutions with LLMs"
Mattingly "AI & Prompt Design: Limitations and Solutions with LLMs"Mattingly "AI & Prompt Design: Limitations and Solutions with LLMs"
Mattingly "AI & Prompt Design: Limitations and Solutions with LLMs"
ย 
Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"
Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"
Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"
ย 
Mattingly "AI and Prompt Design: LLMs with NER"
Mattingly "AI and Prompt Design: LLMs with NER"Mattingly "AI and Prompt Design: LLMs with NER"
Mattingly "AI and Prompt Design: LLMs with NER"
ย 
Mattingly "AI & Prompt Design: Named Entity Recognition"
Mattingly "AI & Prompt Design: Named Entity Recognition"Mattingly "AI & Prompt Design: Named Entity Recognition"
Mattingly "AI & Prompt Design: Named Entity Recognition"
ย 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
ย 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
ย 
Bazargan "NISO Webinar, Sustainability in Publishing"
Bazargan "NISO Webinar, Sustainability in Publishing"Bazargan "NISO Webinar, Sustainability in Publishing"
Bazargan "NISO Webinar, Sustainability in Publishing"
ย 
Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"Rapple "Scholarly Communications and the Sustainable Development Goals"
Rapple "Scholarly Communications and the Sustainable Development Goals"
ย 
Compton "NISO Webinar, Sustainability in Publishing"
Compton "NISO Webinar, Sustainability in Publishing"Compton "NISO Webinar, Sustainability in Publishing"
Compton "NISO Webinar, Sustainability in Publishing"
ย 
Mattingly "AI & Prompt Design: Large Language Models"
Mattingly "AI & Prompt Design: Large Language Models"Mattingly "AI & Prompt Design: Large Language Models"
Mattingly "AI & Prompt Design: Large Language Models"
ย 
Hazen, Morse, and Varnum "Spring 2024 ODI Conformance Statement Workshop for ...
Hazen, Morse, and Varnum "Spring 2024 ODI Conformance Statement Workshop for ...Hazen, Morse, and Varnum "Spring 2024 ODI Conformance Statement Workshop for ...
Hazen, Morse, and Varnum "Spring 2024 ODI Conformance Statement Workshop for ...
ย 
Mattingly "AI & Prompt Design" - Introduction to Machine Learning"
Mattingly "AI & Prompt Design" - Introduction to Machine Learning"Mattingly "AI & Prompt Design" - Introduction to Machine Learning"
Mattingly "AI & Prompt Design" - Introduction to Machine Learning"
ย 
Mattingly "Text and Data Mining: Building Data Driven Applications"
Mattingly "Text and Data Mining: Building Data Driven Applications"Mattingly "Text and Data Mining: Building Data Driven Applications"
Mattingly "Text and Data Mining: Building Data Driven Applications"
ย 
Mattingly "Text and Data Mining: Searching Vectors"
Mattingly "Text and Data Mining: Searching Vectors"Mattingly "Text and Data Mining: Searching Vectors"
Mattingly "Text and Data Mining: Searching Vectors"
ย 
Mattingly "Text Mining Techniques"
Mattingly "Text Mining Techniques"Mattingly "Text Mining Techniques"
Mattingly "Text Mining Techniques"
ย 
Mattingly "Text Processing for Library Data: Representing Text as Data"
Mattingly "Text Processing for Library Data: Representing Text as Data"Mattingly "Text Processing for Library Data: Representing Text as Data"
Mattingly "Text Processing for Library Data: Representing Text as Data"
ย 
Carpenter "Designing NISO's New Strategic Plan: 2023-2026"
Carpenter "Designing NISO's New Strategic Plan: 2023-2026"Carpenter "Designing NISO's New Strategic Plan: 2023-2026"
Carpenter "Designing NISO's New Strategic Plan: 2023-2026"
ย 

Recently uploaded

HYPERTENSION - SLIDE SHARE PRESENTATION.
HYPERTENSION - SLIDE SHARE PRESENTATION.HYPERTENSION - SLIDE SHARE PRESENTATION.
HYPERTENSION - SLIDE SHARE PRESENTATION.
deepaannamalai16
ย 
Philippine Edukasyong Pantahanan at Pangkabuhayan (EPP) Curriculum
Philippine Edukasyong Pantahanan at Pangkabuhayan (EPP) CurriculumPhilippine Edukasyong Pantahanan at Pangkabuhayan (EPP) Curriculum
Philippine Edukasyong Pantahanan at Pangkabuhayan (EPP) Curriculum
MJDuyan
ย 
Bร€I TแบฌP Bแป” TRแปข TIแบพNG ANH LแปšP 9 Cแบข Nฤ‚M - GLOBAL SUCCESS - Nฤ‚M HแปŒC 2024-2025 - ...
Bร€I TแบฌP Bแป” TRแปข TIแบพNG ANH LแปšP 9 Cแบข Nฤ‚M - GLOBAL SUCCESS - Nฤ‚M HแปŒC 2024-2025 - ...Bร€I TแบฌP Bแป” TRแปข TIแบพNG ANH LแปšP 9 Cแบข Nฤ‚M - GLOBAL SUCCESS - Nฤ‚M HแปŒC 2024-2025 - ...
Bร€I TแบฌP Bแป” TRแปข TIแบพNG ANH LแปšP 9 Cแบข Nฤ‚M - GLOBAL SUCCESS - Nฤ‚M HแปŒC 2024-2025 - ...
Nguyen Thanh Tu Collection
ย 
Wound healing PPT
Wound healing PPTWound healing PPT
Wound healing PPT
Jyoti Chand
ย 
ู…ุตุญู ุงู„ู‚ุฑุงุกุงุช ุงู„ุนุดุฑ ุฃุนุฏ ุฃุญุฑู ุงู„ุฎู„ุงู ุณู…ูŠุฑ ุจุณูŠูˆู†ูŠ.pdf
ู…ุตุญู ุงู„ู‚ุฑุงุกุงุช ุงู„ุนุดุฑ ุฃุนุฏ ุฃุญุฑู ุงู„ุฎู„ุงู ุณู…ูŠุฑ ุจุณูŠูˆู†ูŠ.pdfู…ุตุญู ุงู„ู‚ุฑุงุกุงุช ุงู„ุนุดุฑ ุฃุนุฏ ุฃุญุฑู ุงู„ุฎู„ุงู ุณู…ูŠุฑ ุจุณูŠูˆู†ูŠ.pdf
ู…ุตุญู ุงู„ู‚ุฑุงุกุงุช ุงู„ุนุดุฑ ุฃุนุฏ ุฃุญุฑู ุงู„ุฎู„ุงู ุณู…ูŠุฑ ุจุณูŠูˆู†ูŠ.pdf
ุณู…ูŠุฑ ุจุณูŠูˆู†ูŠ
ย 
SWOT analysis in the project Keeping the Memory @live.pptx
SWOT analysis in the project Keeping the Memory @live.pptxSWOT analysis in the project Keeping the Memory @live.pptx
SWOT analysis in the project Keeping the Memory @live.pptx
zuzanka
ย 
Leveraging Generative AI to Drive Nonprofit Innovation
Leveraging Generative AI to Drive Nonprofit InnovationLeveraging Generative AI to Drive Nonprofit Innovation
Leveraging Generative AI to Drive Nonprofit Innovation
TechSoup
ย 
Electric Fetus - Record Store Scavenger Hunt
Electric Fetus - Record Store Scavenger HuntElectric Fetus - Record Store Scavenger Hunt
Electric Fetus - Record Store Scavenger Hunt
RamseyBerglund
ย 
How Barcodes Can Be Leveraged Within Odoo 17
How Barcodes Can Be Leveraged Within Odoo 17How Barcodes Can Be Leveraged Within Odoo 17
How Barcodes Can Be Leveraged Within Odoo 17
Celine George
ย 
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptxNEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
iammrhaywood
ย 
RESULTS OF THE EVALUATION QUESTIONNAIRE.pptx
RESULTS OF THE EVALUATION QUESTIONNAIRE.pptxRESULTS OF THE EVALUATION QUESTIONNAIRE.pptx
RESULTS OF THE EVALUATION QUESTIONNAIRE.pptx
zuzanka
ย 
MDP on air pollution of class 8 year 2024-2025
MDP on air pollution of class 8 year 2024-2025MDP on air pollution of class 8 year 2024-2025
MDP on air pollution of class 8 year 2024-2025
khuleseema60
ย 
Elevate Your Nonprofit's Online Presence_ A Guide to Effective SEO Strategies...
Elevate Your Nonprofit's Online Presence_ A Guide to Effective SEO Strategies...Elevate Your Nonprofit's Online Presence_ A Guide to Effective SEO Strategies...
Elevate Your Nonprofit's Online Presence_ A Guide to Effective SEO Strategies...
TechSoup
ย 
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdfREASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
giancarloi8888
ย 
Bossa Nโ€™ Roll Records by Ismael Vazquez.
Bossa Nโ€™ Roll Records by Ismael Vazquez.Bossa Nโ€™ Roll Records by Ismael Vazquez.
Bossa Nโ€™ Roll Records by Ismael Vazquez.
IsmaelVazquez38
ย 
Educational Technology in the Health Sciences
Educational Technology in the Health SciencesEducational Technology in the Health Sciences
Educational Technology in the Health Sciences
Iris Thiele Isip-Tan
ย 
Mule event processing models | MuleSoft Mysore Meetup #47
Mule event processing models | MuleSoft Mysore Meetup #47Mule event processing models | MuleSoft Mysore Meetup #47
Mule event processing models | MuleSoft Mysore Meetup #47
MysoreMuleSoftMeetup
ย 
Stack Memory Organization of 8086 Microprocessor
Stack Memory Organization of 8086 MicroprocessorStack Memory Organization of 8086 Microprocessor
Stack Memory Organization of 8086 Microprocessor
JomonJoseph58
ย 
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptxChapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Denish Jangid
ย 
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
GeorgeMilliken2
ย 

Recently uploaded (20)

HYPERTENSION - SLIDE SHARE PRESENTATION.
HYPERTENSION - SLIDE SHARE PRESENTATION.HYPERTENSION - SLIDE SHARE PRESENTATION.
HYPERTENSION - SLIDE SHARE PRESENTATION.
ย 
Philippine Edukasyong Pantahanan at Pangkabuhayan (EPP) Curriculum
Philippine Edukasyong Pantahanan at Pangkabuhayan (EPP) CurriculumPhilippine Edukasyong Pantahanan at Pangkabuhayan (EPP) Curriculum
Philippine Edukasyong Pantahanan at Pangkabuhayan (EPP) Curriculum
ย 
Bร€I TแบฌP Bแป” TRแปข TIแบพNG ANH LแปšP 9 Cแบข Nฤ‚M - GLOBAL SUCCESS - Nฤ‚M HแปŒC 2024-2025 - ...
Bร€I TแบฌP Bแป” TRแปข TIแบพNG ANH LแปšP 9 Cแบข Nฤ‚M - GLOBAL SUCCESS - Nฤ‚M HแปŒC 2024-2025 - ...Bร€I TแบฌP Bแป” TRแปข TIแบพNG ANH LแปšP 9 Cแบข Nฤ‚M - GLOBAL SUCCESS - Nฤ‚M HแปŒC 2024-2025 - ...
Bร€I TแบฌP Bแป” TRแปข TIแบพNG ANH LแปšP 9 Cแบข Nฤ‚M - GLOBAL SUCCESS - Nฤ‚M HแปŒC 2024-2025 - ...
ย 
Wound healing PPT
Wound healing PPTWound healing PPT
Wound healing PPT
ย 
ู…ุตุญู ุงู„ู‚ุฑุงุกุงุช ุงู„ุนุดุฑ ุฃุนุฏ ุฃุญุฑู ุงู„ุฎู„ุงู ุณู…ูŠุฑ ุจุณูŠูˆู†ูŠ.pdf
ู…ุตุญู ุงู„ู‚ุฑุงุกุงุช ุงู„ุนุดุฑ ุฃุนุฏ ุฃุญุฑู ุงู„ุฎู„ุงู ุณู…ูŠุฑ ุจุณูŠูˆู†ูŠ.pdfู…ุตุญู ุงู„ู‚ุฑุงุกุงุช ุงู„ุนุดุฑ ุฃุนุฏ ุฃุญุฑู ุงู„ุฎู„ุงู ุณู…ูŠุฑ ุจุณูŠูˆู†ูŠ.pdf
ู…ุตุญู ุงู„ู‚ุฑุงุกุงุช ุงู„ุนุดุฑ ุฃุนุฏ ุฃุญุฑู ุงู„ุฎู„ุงู ุณู…ูŠุฑ ุจุณูŠูˆู†ูŠ.pdf
ย 
SWOT analysis in the project Keeping the Memory @live.pptx
SWOT analysis in the project Keeping the Memory @live.pptxSWOT analysis in the project Keeping the Memory @live.pptx
SWOT analysis in the project Keeping the Memory @live.pptx
ย 
Leveraging Generative AI to Drive Nonprofit Innovation
Leveraging Generative AI to Drive Nonprofit InnovationLeveraging Generative AI to Drive Nonprofit Innovation
Leveraging Generative AI to Drive Nonprofit Innovation
ย 
Electric Fetus - Record Store Scavenger Hunt
Electric Fetus - Record Store Scavenger HuntElectric Fetus - Record Store Scavenger Hunt
Electric Fetus - Record Store Scavenger Hunt
ย 
How Barcodes Can Be Leveraged Within Odoo 17
How Barcodes Can Be Leveraged Within Odoo 17How Barcodes Can Be Leveraged Within Odoo 17
How Barcodes Can Be Leveraged Within Odoo 17
ย 
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptxNEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
NEWSPAPERS - QUESTION 1 - REVISION POWERPOINT.pptx
ย 
RESULTS OF THE EVALUATION QUESTIONNAIRE.pptx
RESULTS OF THE EVALUATION QUESTIONNAIRE.pptxRESULTS OF THE EVALUATION QUESTIONNAIRE.pptx
RESULTS OF THE EVALUATION QUESTIONNAIRE.pptx
ย 
MDP on air pollution of class 8 year 2024-2025
MDP on air pollution of class 8 year 2024-2025MDP on air pollution of class 8 year 2024-2025
MDP on air pollution of class 8 year 2024-2025
ย 
Elevate Your Nonprofit's Online Presence_ A Guide to Effective SEO Strategies...
Elevate Your Nonprofit's Online Presence_ A Guide to Effective SEO Strategies...Elevate Your Nonprofit's Online Presence_ A Guide to Effective SEO Strategies...
Elevate Your Nonprofit's Online Presence_ A Guide to Effective SEO Strategies...
ย 
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdfREASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
REASIGNACION 2024 UGEL CHUPACA 2024 UGEL CHUPACA.pdf
ย 
Bossa Nโ€™ Roll Records by Ismael Vazquez.
Bossa Nโ€™ Roll Records by Ismael Vazquez.Bossa Nโ€™ Roll Records by Ismael Vazquez.
Bossa Nโ€™ Roll Records by Ismael Vazquez.
ย 
Educational Technology in the Health Sciences
Educational Technology in the Health SciencesEducational Technology in the Health Sciences
Educational Technology in the Health Sciences
ย 
Mule event processing models | MuleSoft Mysore Meetup #47
Mule event processing models | MuleSoft Mysore Meetup #47Mule event processing models | MuleSoft Mysore Meetup #47
Mule event processing models | MuleSoft Mysore Meetup #47
ย 
Stack Memory Organization of 8086 Microprocessor
Stack Memory Organization of 8086 MicroprocessorStack Memory Organization of 8086 Microprocessor
Stack Memory Organization of 8086 Microprocessor
ย 
Chapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptxChapter wise All Notes of First year Basic Civil Engineering.pptx
Chapter wise All Notes of First year Basic Civil Engineering.pptx
ย 
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
ย 

Carver-IT Security for Librarians

  • 1. IT Security For Librarians Blake Carver LYRASIS Systems Administrator
  • 2. Everything You Need To Know Use Good Passwords Stay Paranoid & Vigilant Use Routine Backups Keep Everything Patched / Updated Think Before You Share Or Connect Intro
  • 3. Other Things Passwords are Key ALL Software Has Flaws Security Is Complicated Everyone Plays A Part
  • 4. If Vs. When Somethings are IFs, somethings are WHENs Some things are Likely Some things Possible
  • 5. โ— โ— โ— โ— โ— โ— โ— โ— Bad Guys? Hackers? Crackers? Criminals? Intro
  • 6.
  • 7.
  • 8.
  • 9. โ— โ— โ— โ— โ— โ— โ— โ— Security Cyber Security? IT Security? Safety? Information Security? Information Literacy? The Digital Divide? Intro
  • 10. โ€œSecurity is two different things: It's a feeling & It's a reality โ€ Bruce Schneier โ€“ TedxPSU Intro
  • 12. Security & Privacy are, Getting Better, But they're Getting Worse FasterIntro
  • 13. Why does this keep happening? The Internet was built for openness and speed More Things Online โ€“ More Targets Old, out-of-date systems and budget shortfalls New poorly designed systems Surveillance is the business of the Internet
  • 14. Vulnerabilities โ— โ— โ— โ— โ— โ— โ— โ— Intro The vulnerability can be exploited remotely Used without any account credentials Not easily noticed or repaired The attack can be used, reused and scaled Chained and used with other common vulnerabilities
  • 18. ALL the tools and attacks only ever get bigger better faster stronger cheaper easier and more common.
  • 19. Not much of this crime is new Automation Distance "Technique Propagation" (โ€œOnly the first attacker has to be skilled; everyone else can use his software.โ€) Intro
  • 20. The technology of the internet makes the bad guys vastly more efficient. Intro
  • 21. It's Safe Behind The Keyboard Hacking is a really safe crime. Comparatively. To other real life crime
  • 22. Intro
  • 23. Where Are They Working? โ€ข Social Networks โ€ข Search Engines โ€ข Advertising โ€ข Email โ€ข Web Sites โ€ข Web Servers โ€ข Home Computers โ€ข Mobile Devices Intro
  • 24. This is the work of a rogue industry, not a roguish teenager Intro
  • 25. What Are They After? โ€ข PINs โ€ข Passwords โ€ข Credit Cards โ€ข Bank Accounts โ€ข Usernames โ€ข Contact Lists โ€ข Emails โ€ข Phone Numbers โ€ข Your Hardware... Intro
  • 27. Personal information is the currency of the underground economy Intro
  • 28. Personal information is the currency of the entire Internet economy Intro
  • 29.
  • 30. What's It Worth?Credit Cards: $5-$30 Basic or โ€œRandomโ€$5-$8 With Bank ID# $15 With Date of Birth $15 With Fullzinfo $30 Payment service accounts: $20-$300 containing from US$400 to $1,000 between $20 and $50 containing from $5,000 to $8,000 range from $200 to $300 Bank login credentials: $190-$500 A $2,200 balance account selling for $190. $500 for a $6,000 account balance, to $1,200 for a $20,000 account balance Online premium content services: $.55-$15 Online video streaming($0.25 to $1) premium cable channel streaming services ($7.50) premium comic book services ($0.55) professional sports streaming ($15) Loyalty, community accounts: $20-$1400 A major hotel brand loyalty account with 100,000 points for sale for $20 An online auction community account with high reputation marks priced at $1,400 "The Hidden Data Economy" study by MacAfee October 2015
  • 32. "None of this is about being "unhackable"; itโ€™s about making the difficulty of doing so not worth the effort." Intro
  • 33. Intro
  • 35. Think Differentโ€ฆ Have A Hacker Mindset Have A Security Mindset Intro
  • 36. Building a Defensible Library Lock Things Down Grant Least Privilege Whitelisting - Patches โ€“ Limit Admins Threat Modeling Everything With An IP Address Matters Training New Instincts Never Without The WHY
  • 37. Libraries Live Below The Security Poverty Line(Wendy Nather) We simply can't afford to reach a great level of security Few or no IT People Few or no Security People Hard to keep up with technology and security Maintenance, planning, strategy are 2nd to OMG Depend on consultants, vendors, family, patrons, friends, volunteers, etc...
  • 38. What Does A Library Need To Protect? OPAC / ILS Staff Computers Databases Printers / Copiers Website Servers Backups Printers Cameras Wi-Fi Routers Routers Cell Phones Ipads Laptops
  • 39. Things (The IoT) โ— Security is an afterthought. โ— The lack of security education by most of the stakeholders โ— The lack of security education by consumers โ— Security is a cost center โ— Security makes things more expensive โ— Security makes things hard to use
  • 40. Locking Down Computers โ€ข Patching and Updating โ€“OS and *ALL* Applications โ€ข Whitelisting โ€ข BIOS passwords โ€ข SteadyState / DeepFreeze / SmartShield โ€ข Check for USB additions โ€ข Admin โ€ข Donโ€™t use Windows? โ€ข Donโ€™t use IE? IT Security For Libraries
  • 41. Donโ€™t Forget โ€ข Check the internet for usernames/passwords for your library (e.g. pastebin.com) โ€ข HTTPS โ€ข Is your domain name going to expire? โ€ข Is you SSL Cert going to expire? โ€ข Typo Squatters? IT Security For Libraries
  • 44. The correlation between effort & results is questionable You could have no security and be lucky. You could have great security and just get really unlucky and have a determined hacker.
  • 45. Do something to make the bad guys job harder
  • 46. Perfect is the enemy of the Good
  • 47. Remember: This about your libraryโ€™s security and protecting your libraryโ€™s brand and reputation and your patrons. The only way this can happen is if security and risk management become regular parts of library conversation.
  • 48. Everything You Need To Know Use Great Passwords Strong (Long, Complex) Unique Stay Paranoid & Vigilant Never Trust Anything or Anyone Always Double Check Think Before You Click Use Routine Backups Keep Everything Patched / Updated Think Before You Share Intro
  • 49. Building a Defensible Library Lock Things Down Grant Least Privilege Whitelisting - Patches โ€“ Limit Admins Threat Modeling Everything With An IP Address Matters Training New Instincts Never Without The WHY
  • 50. IT Security For Librarians Blake Carver LYRASIS Systems Administrator