October 27-29 Monterey Marriott
Monterey, California
Bookmark and Share

Monday, October 27, 2014

B106 - Website Security FAQ

4:15 p.m. - 5:00 p.m.
Steinbeck Forum (Conference Center)
Richard Thomchick, Student, San Jose State University School of Library and Information Science
Tonia San Nicolas-Rocca, Assistant Professor, San Jose State University
Athena Hoeppner, Discovery Services Librarian, Libraries, University of Central Florida Libraries

Keeping your “users” login/account information safe is a “must” on the to-do list of any library. SJSU speakers look at the challenges of keeping user data safe and their online activity private. Encryption provides basic security for website visitors, and most sites use HTTPS, an encrypted form of HTTP, to protect sensitive content such as passwords and e-commerce transactions. But it is not enough. Attack kits such as Firesheep and sslstrip have demonstrated just how easy it is to exploit gaps in encryption and compromise user privacy not just on social media sites, but on any web application, including library websites and OPACs. The Electronic Frontier Foundation and others urge us to use HTTPS all the time, on every page, for all content. Get the knowledge and tools you need to identify and plug the HTTPS gaps in library websites, OPACs, blogs, and other web applications so you can better safeguard the online privacy of your patrons and instill a strong sense of trust in the digital services your organization provides. Take away tips and best practices for HTTPS implementation and a list of free online tools you can use to test your website. Hoeppner explains how libraries can use Shibboleth to improve access to e-resources and protect an individual’s privacy. For most libraries, Shibboleth remains a mysterious, little-known alternative to EZ Proxy and IP recognition for authentication and access to e-resources. At first glance, the steep learning curve, unknown administrative requirements, and uncertain advantages can be daunting. Follow Hoeppner’s footsteps as she learned Shibboleth basics and jargon, took implementation steps for librarians and for IT, and reached out to users, and grab her lessons learned and options for expressing the value of the effort to administrators.

Get Updates by email


  • Twitter
  • LinkedIn
  • Facebook


Library Leaders Digital Strategy Summit

Gold Sponsor


Learning Partner

Special Libraries Association

Association Sponsor

Association of Independent Information Professionals (AIIP)

Media Sponsors

Business Wire
Computers in Libraries Magazine
Information Today
Internet@Schools Magazine
Online Searcher