SAA Security Section member Jim Havron pointed us to two recent articles about a facet of security that we don’t often think about, but could have massive implications for archives and special collections libraries – cybersecurity.
The first, from Security Week, notes that simply running out-of-date software puts a wide variety of firms, including archives and similar cultural heritage institutions, at risk of a data breach. And many of us, upwards of 50% according to the article, are running software that is not up-to-date. A simple fix of updating software is a great first step in securing your electronic assets.
Havron noted in his correspondence that more and more “non-computer” technologies are integrated into the internet of things and one must be aware of the fact that the unpatched software of fire alarms, electronic locks, and other security technology could render those items vulnerable to an attack. As he asked rhetorically, “does your institution have controlled access or fire alarms as part of its security?”
A second article, from info security, mentions the threat of ransomware attacks sent through e-mail. As Havron noted is his correspondence, “It isn’t just for ‘digital archivists’ or ‘electronic records’ anymore. Access points on the first Wannacry attack [the massive ransomware attack in May 2017 that infected over 230,000 computers] included security cameras, refrigerators, baby monitors, and thermostats. If you have any of these things (e.g. environmental controls), there is risk.”
When thinking about security at your institution, it isn’t only about keeping thieves from pilfering dog tags or returning old manuscripts to their rightful owner, it is also about protecting all of your electronic assets from the wide array of cyber threats that exist. If you have any specific questions for Jim Havron about cyber security in archives and cultural heritage institutions, feel free to e-mail him: firstname.lastname@example.org.