Digital Security Detective

You’ve now learned the basics of digital security. Practice your new skills by reading these accounts of library workers in the field.Detective Hat and Magnifying Glass

 

Meet Jamie

Jamie works in technical services at a nearby community college library and also does a few hours at the reference desk. Jamie comes to work and logs into her computer, the ILS, a messaging app to communicate with colleagues, and the intranet. She was using one password for all the accounts, but was told to create complex, unique passwords for each account by IT staff. It was too hard to remember them all so she keeps a handwritten list in her desk drawer.

When she’s working at the reference desk she has to log into everything again and remember to log out at the end of her shift since she’s using a shared computer. Sometimes Jamie brings her list with all the passwords out to the reference desk where she keeps it in an unlocked drawer. At the end of every shift she brings it back to her desk, except for a couple of times when she’s forgotten and picked it up the next morning.

What recommendations would you make to improve their digital security practices?

Using one password for all accounts - Writing passwords on paper and not keeping it secured - Possibly not logging out of accounts

Meet Mel

Mel works as an adult librarian at a busy public library. Yesterday, a user came to the service desk explaining that he was having trouble with the computer. He told them that he wanted to print a very important document, but was not able to do it from the public terminal. Mel started walking the user back to the public terminals only to discover all of them were being used. They felt a moment of panic. The user told Mel that he was late to a job interview and needed to bring this document with him or he wouldn’t be hired. He told Mel that he had a USB drive and asked them if they could print the document by using a staff computer. 

Mel, wanting to help the user get that job, agreed. They took the USB drive to their desk in the back, opened the document, printed it, and returned the USB drive to the user. He seemed overwhelmingly thankful and left the library in a hurry. When Mel came into work today all of the computers were offline and IT staff were running around frantically. Mel found a manager who explained that the library was hit with a ransomware attack. All of the computers across the entire system were locked and the perpetrators were demanding a large payment of Bitcoin to return access to the library.

What digital security mistakes were made? 

Inserting an unknown drive into a work computer - Not informing IT after inserting the drive