The 10-Minute Digital Librarian #8: Check your cybersecurity

The pandemic has led both to growing reliance on the internet and other digital tools to go about our lives, but also growing awareness of the risks that come with them.

Cybersecurity is all about keeping information and services safe from unauthorised access and use. It helps ensure not only that library systems are working as they should and that information is available when people need it, but it is also a question of protection of privacy.

There are various tools that exist to promote security, for example through encrypting information sent online, or defending against viruses or malware (malicious software). There is also an important role for individuals in adopting practices that reduce risks.

In the case of libraries, it will not always be the case that it is possible to control all aspects of cybersecurity. For example, key decisions may be in the hands of a host institution or local/national government.

However, as part of libraries’ mission to promote online safety and privacy, it is good to be aware of what the risks are, and to act – either yourself or by calling on others – where there are risks that can be easily avoided.

So for our 8th 10-Minute Digital Librarian, check on your cybersecurity!

There are various useful and simple steps you can take to do this.

For example, making sure that your computers have received the relevant updates and patches is important – this can help ensure that you are protected against the most recent threats.

Another is to make back-up copies of key information – this can help mean that a ransomware attack does not end up preventing you from accessing key data.

A further idea is to enforce a strong password policy, in order to ensure that yours and colleagues’ devices do not become entry points.

If you have more time, you can carry out more of a review of the assets you have, and the risks you might face. For example, you may want to think about whether to encrypt your website (using https rather than http) if you have not already.

You can also consider which third party vendors, such as databases or other services, have access to your users’ data. Do they have proper policies in place to promote cybersecurity?

A step further, as highlighted in our last two posts, is to become more proactive, and integrate cybersecurity into your wider work to promote digital literacy.

You can find further ideas in our blog on cybersecurity from last year.

Let us know what steps you have taken to improve cybersecurity in your library in the comments box below.

Good luck!


If you are interested in issues around digital safety and privacy more broadly, you should take a look at the work of IFLA’s Libraries for Children and Young Adults Section, as well as our Advisory Committee on Freedom of Access to Information and Freedom of Expression.

Discover our series of 10-Minute Digital Librarian posts as it grows.