Devan Ray Donaldson, Ph.D. and Laura Bell, M.L.S.

Slides:



Advertisements
Similar presentations
Some impressions from the school visits and the conference -No systematic report 1 st Some general wisdom 2 nd Key analysis questions of the project Conference.
Advertisements

Problem solving skills
Enhancing Critical Thinking Skills 2012 HBCU Library Alliance Leadership Institute Presented By: Violene Williams, MLIS Reference Librarian James Herbert.
Performance Based Teacher Evaluation March 10, 2006.
Fundamentals of IRB Review. Regulatory Role of the IRB Authority to approve, require modifications in (to secure approval), or disapprove all research.
Science What is “Safety” Freedom from danger Safety is the condition of being protected against failure, breakage, error, accidents, or harm. (Protection.
1 MÉNARD, MARTIN, AVOCATS THE RIGHT TO SAFE CARE LEGAL ISSUES By: Mtre. Jean-Pierre Ménard, Ad. E.
Educators’ Attitudes about the Accessibility and Integration of Technology into the Secondary Curriculum Dr. Christal C. Pritchett Auburn University
℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.
Instructional Technology Survey: Highlands School District Shawn Cressler, Summer 2013.
HIPAA Security Final Rule Overview
HIPAA Compliance Case Study: Establishing and Implementing a Program to Audit HIPAA Compliance Drew Hunt Network Security Analyst Valley Medical Center.
Office of the Chief Privacy Officer Update June 23, 2016 Lucia Savage, JD, Chief Privacy Officer, ONC.
The Next Generation of Employees: A Study on the Factors Influencing Male Students Ages to Become Professional Librarians in the United States Heidi.
Wellbeing and mental health Hard evidence: a mental health case study Heema Shukla Independent Policy Developer Wellbeing and mental health.
Law Firm Data Security: What In-house Counsel Need to Know
BAE systems Research results October 2016
Application Outsourcing: Achieving Success & Avoiding Risk
DATA COLLECTION METHODS IN NURSING RESEARCH
Patricia M. Alt, Ph.D. Dept. of Health Science Towson University
Sharing Your School Climate Data with YOUR FAMILIES
Chapter 16 Participating in Groups and Teams.
Just Because Everyone Else is Doing It…
The Internal Audit Role in assessing Cybersecurity
Professional Standards Unit
Overview of VAdata Virginia’s Sexual and Domestic Violence Data Collection System.
Personal and Professional Development Life Long Learning
ASSESSMENT OF STUDENT LEARNING
Dissertation Defense Presentation
Sharing Your School Climate Data with YOUR FAMILIES
Technical writing September 22, 2014.
Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek
DISABILITY AND DESIGN Welcome, everyone.
Risk Register I want to plan a project
Introduction to Implementing an Institutional Repository
INF 103 Education for Service-- snaptutorial.com.
CIS 333Competitive Success/tutorialrank.com
CIS 333 Education for Service-- tutorialrank.com.
INF 103 Teaching Effectively-- snaptutorial.com
INF 103 Education for Service-- tutorialrank.com
Grievance, Discipline & Dismissal
Chapter 8 Performance Management and Employee Development
A project to develop a TEQSA Good Practice Note for the sector Led by
Helpful Hints for action to prevent elder abuse
Research for all Sharing good practice in research management
This presentation will include:
Initial Outreach to Local Libraries (a primer)
Sharing Your School Climate Data with YOUR FAMILIES
Results of the Organizational Performance
Imagine Success Engaging Entering Students Innovations 2009
Discussion and Vote to Amend the Regulations
Cybersecurity: Tried and True Tactics for Assessing and Managing Risks, Employee Training and Program Testing Brian Rubin, Partner, Sutherland Tee Meeks,
Cyber security Policy development and implementation
Drew Hunt Network Security Analyst Valley Medical Center
Parent-Teacher Partnerships for Student Success
Introduction to Health Privacy
Interlibrary Loans & Accessibility
EAC Education Committee
DELNET – Developing Library Network
Topic Leader Training 2012.
RTW Self Assessment using the 5 Steps
Amanda Oliver Amanda Jamieson Anne Daniel
Learning Community II Survey
Role of State Audit Bureau of Kuwait in promoting and audit of IT Security  
Sharing Your School Climate Data with YOUR FAMILIES
The OCLC RLP Special Collections and Archives Work Agenda
SAAEA Conference: 19 – 22 May Gaborone, Botswana
CMGT/431 INFORMATION SYSTEMS SECURITY The Latest Version // uopcourse.com
CMGT 431 CMGT431 cmgt 431 cmgt431 Entire Course // uopstudy.com
Presentation transcript:

Devan Ray Donaldson, Ph.D. and Laura Bell, M.L.S. Should Archivists Care About Securing Digital Collections? drdonald@indiana.edu lbell@ubalt.edu

Overview Motivation and Background Research Questions Methods Findings Future Directions for Research Hi! Thank you for having me. First, Dr. Donaldson asked that I apologize for him; he was unable to be here today because his flight was cancelled due to yesterday’s weather. So unexpectedly alone, today I’ll be talking about an exploratory survey that addresses the question “Should Archivists Care about Securing Digital Collections?” First, I’ll discuss the motivation and background for this study. Second, I’ll describe the study’s methods. Third, I will present our findings regarding participants’ perceptions of security. Then, I’ll discuss the main takeaways from our study as a starting point for considering what archivists should know about security. I’ll conclude with discussion of directions for future research.

It seems like every week we hear about major cyber-attacks or data breaches that jeopardize the privacy and financial well-being of millions of online users and their digital property. The threat of cyber-attacks pervades nearly every industry and institution on the Internet, and is likely to increase in the future. Given this, it is important to consider the security of archival collections online.

For example, the Society of American Archivists (SAA) Security Roundtable recently discussed the vulnerability of born-digital materials that are held by archives and special collections libraries, agreeing that this is an emerging topic that “warrants more investigation.” But, cybersecurity requires training and the development of technical skills that archivists may not possess.

In recognition of this fact, recent literature on the role of the archivist in digital curation acknowledges that others should handle the more technical aspects of security but recommends that archivists develop at least a basic understanding of what it means to secure their digital collections. Interestingly, little research examines archivists’ awareness of security threats, vulnerabilities, and the security requirements for protecting their digital collections.

Purpose and Research Questions The purpose of this presentation is to report findings from an initial exploratory survey about archivists’ perceptions of security. Research Questions: RQ1: How do archivists who are responsible for managing digital collections define security? RQ2: To what extent are archivists aware of security threats to their digital collections? RQ3: According to archivists, what types of security threats do archives face and how are they addressed? Our study addressed three research questions: RQ1: How do archivists who are responsible for managing digital collections define security? RQ2: To what extent are archivists aware of security threats to their digital collections? AND RQ3: According to archivists, what types of security threats do archives face and how are they addressed?

Methods: Study Participants We administered surveys to 15 archivists, librarians, directors, and technicians during Digital Directions 2017 conference in Seattle, WA hosted by the Northeast Document Conservation Center (NEDCC). The conference was the chosen venue for the survey because it was geared toward professionals working with digital collections and included instruction on best practices and practical strategies for the creation, curation, and use of digital collections.

Methods: Survey 19 closed-ended questions: 4 related to confidentiality, 11 pertaining to integrity, and 4 pertaining to availability 5 open-ended questions regarding: what security meant to the participants their knowledge about what security threats their institutions have encountered what types of security threats their institutions protect against, and the frequency of those threats. The purpose of our surveys was to understand how the participants thought about security and to understand their experiences with securing digital collections. Our survey asked about participants’ perceptions of confidentiality, integrity, and availability. In addition, we asked open-ended questions regarding the meaning of security as well as their awareness of security threats and what types of security threats their institutions protect against.

Findings Pertaining to RQ1 Most participants discussed what security meant to them in ways that provided insight into their concerns about securing digital collections. A majority of participants related their notion of security to the concept of integrity. In almost every case, participants mentioned issues related to data integrity. Specifically, they defined security as ensuring that content remains persistent over time, and protecting data from any unauthorized changes or deletion.

Findings Pertaining to RQ2 Nearly half of our participants reported that they either had not encountered any security threats or did not know if they had. This distinction is important because only two participants were definitive in stating that their institutions had not experienced any security threats, while three participants reported that they did not know if their institutions had experienced any security threats.

Findings Pertaining to RQ3 62% (8 out of the 13 who responded) of participants reported that they did not know how frequently their institutions encountered security threats. 31% (4 out of the 13 who responded) of participants reported encountering security threats less than once a month. One participant reported encountering security threats every day.

Findings Pertaining to RQ3 Participants described security threats that their institutions have encountered in terms of confidentiality, malware/viruses, and/or availability. For example, 33% (3 out of 9 who responded) of participants mentioned guarding against security threats related to confidentiality. This included protecting against unauthorized access to digital collections and objects as well as personally identifiable information and classified materials.

Findings Pertaining to RQ3 Examples of Recent Security Threats Malware Phishing Use of Social Media (increased security risks) Use of proxies (to access restricted content) This table lists examples of recent security threats that participants reported. For example, two participants discussed encountering security threats pertaining to the concept of confidentiality. Participant 15 mentioned encountering a recent rash of phishing attempts. Participant 8 reported a recent event where a proxy was used to access a digital object that was restricted to on-campus access. Participant 5 reported encountering malware.

Findings Pertaining to RQ3 Examples of Solutions to Recent Security Threats Antivirus software Notification/reporting systems Requiring login for access to content Policy changes This table lists examples of solutions to recent security threats. Some solutions were more technical. For example, Participant 5 mentioned use of antivirus software to counteract malware, and Participant 11 mentioned the IT department’s use of a reporting system to notify staff about phishing attempts.

Discussion Takeaways: Threats to the security of participants’ digital collections do occur and are handled promptly by the appropriate IT staff. The participants have limited awareness about the security of their digital collections. The participants may be too uninvolved regarding the security of their digital collections. Because the participants varied in their knowledge of security, the findings from this study suggest three somewhat contradictory takeaways: Threats to the security of participants’ digital collections do occur and are handled promptly by the appropriate IT staff, 2) The participants have limited awareness about the security of their digital collections, AND 3) The participants may be uninvolved in the security of their digital collections.

Conclusion: Future Directions for Research What do archivists actually know about security? What should archivists know about security? What impact, if any, does archivists’ knowledge of security have on the security of their digital collections? It is hard to draw conclusions from our study about archivists and the security of their digital collections because our sample was small and heterogeneous. Nevertheless, the primary value of this study is that it can be used as a starting point for a conversation about what archivists actually know about security, what they should know, and what impact, if any, their knowledge has on the security of digital collections. Should archivists care about securing digital collections? On one hand, of course they should. If their digital collections are not secure, they could be changed in unauthorized ways, accessed by unauthorized individuals, and/or inaccessible to authorized individuals. On the other hand, maybe archivists should not care about the security of their digital collections. Just how concerned should archivists be about security if, for example, they do not have the requisite expertise to secure the systems that house their digital collections? And how concerned should archivists be if cyber security falls under the purview of other people (e.g., university IT services in the case of some university archives, and state centralized IT departments in the case of some state archives)? We argue that even if archivists do not have backgrounds in cybersecurity, and even if archivists are not directly responsible for cybersecurity at their organizations, they should at least have a basic understanding of what security is as well as how cybersecurity impacts their digital collections.

Future Directions Should archivists collaborate with IT professionals regarding the security of their digital collections? How can they do this and/or how have they already done this? If we conduct a similar study on a larger scale, will archivists and those who are responsible for securing digital collections in archives be interested in participating?  Is continuing work on this research topic perceived as a worthwhile endeavor by YOU? Findings from our study suggest that participants and IT staff at their organizations seem to work separately and vary in their knowledge about what IT staff do to secure digital collections. Perhaps, more broadly, archivists are more knowledgeable about security and collaborate more actively with IT staff than our participants. More research on archivists and IT staff regarding the security of archival digital collections would clarify the extent to which they collaborate, and whether this type of collaboration is necessary or appropriate. The reason why we’re presenting here at this research forum today is to find out If we conduct a similar study on a larger scale, will you participate? Would you encourage archivists and those who are responsible for securing digital collections in archives to participate? Is continuing work on this research topic perceived as a worthwhile endeavor by YOU? Please let us know. We welcome any constructive feedback you may have. Thank you for your time!

Devan Ray Donaldson, Ph.D. and Laura Bell, M.L.S. Should Archivists Care About Securing Digital Collections? drdonald@indiana.edu lbell@ubalt.edu

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.