Cybersecurity Awareness in Libraries

Proclamation No. 2054 series of 2010 declares the September of every year as ‘Cybersecurity Awareness Month‘. We know it is October now which means this event has totally escaped our notice, and for this we blame the time-bending perception from the world’s longest COVID lockdown.

In any case it is better to be late to write about cybersecurity than to never bring it up. Especially now that many of us are working from home and do not have the usual IT support from our offices. You have to take care of your own IT security needs.

So, here is a crash course on cybersecurity awareness! 😎 I will try to write this post as something that is useful for professional librarians here in UP, as well as the various support staff working in archives, libraries and museums. Our patrons may find it worth reading too once they are allowed again to visit the library in person and use the IT facilities.

The Basics of Cybersecurity Awareness

The classic model of information security usually falls upon these three factors, which are collectively known as the CIA Triad:

  • Confidentiality
  • Integrity
  • Availability

Confidentiality refers to how we should keep the data trusted to us from being accessed by unauthorized parties. This could be accomplished by using UP Mail and Dilnet accounts and their associated services (Google Apps for Edu, MS Office 365) instead of your private Gmail or Yahoo! mail.

Integrity refers to measures taken to make sure the data in our safekeeping is protected from alteration. Remember how the UP DPO is pushing for digital signatures? That is one way to ensure that memorandums you receive from the admin are not tampered with in transit.

Availability is making sure the data is actually accessible to authorized users when it is needed. Now that we are moving more of our office operations to cloud-based apps (ex. Canva instead of MS Publisher), this is something as basic as having the stable and reliable Internet connection to access the cloud, and the servers offering 99.9% uptime or better.

Minimum Viable Teaching for Cybersecurity

The above CIA Triad is something that is applied more on the whole IT system. Now as for the individual end user, here are some quick steps you can take to secure your cyber-belongings.

Turn on encryption – This means that the contents of your PC or phone cannot be accessed without being unlocked by your password. iPhones and most new Androids already apply encryption at boot. For Windows it requires a Pro license to enable encryption at the OS level, but you can still keep sensitive files and folder encrypted by installing 7-Zip and creating a password-protected archive.

Pick a long password – The longer the password, the less likely someone would be able to guess it and take over your accounts. Which brings us to…

Don’t reuse your passwords! – Every now and then the online services themselves get hacked, and when this data breach happens the hackers post the passwords on the Internet. You can check on this website if your password has been leaked. By not reusing your password on other sites or mobile apps, you are safe even when data breaches happen.

Turn on two-factor authentication – UP System IT did the right thing when they enabled 2-factor for UP Mail accounts. But did you know that you can do the same for your private email and social media accounts such as Facebook? This helps in making sure the bad guys cannot control your account even if they do find out the password, since they also need the security code sent to you.

Avoid clicking on strange links or email attachments – This one is harder to put into practice since we ourselves send out memos as a link to a Google drive file. And you might notice half of the paragraphs in this post has a link in it. So how do you find out which links are trustworthy? Let’s just start with the basic:

  1. If it ended up in your Spam folder, do not open the link.
  2. If you do not know who sent you the link, do not open the link.
  3. Even if you do know them, but you do not expect them to send links to you, you should confirm first via personal message.

There may be some exceptions to this like phone line or water utility bills.

Use an end-to-end encrypted messenger app like Signal or WhatsApp – There was some outcry on social media last month on certain provisions of the Dilnet Acceptable Use Policy (AUP), especially with regards to privacy.

The good folks at Dilnet busy maintaining our IT facilities as we experience a spike of demand for bandwidth due to remote learning.

If that is your concern too, then you can have a virtually private conversation within Dilnet or anywhere else on the Internet if you use a messaging app with end-to-end encryption, so that only the sender and the receiver can see the messages. Besides the above-mentioned apps, you can also do this in the Facebook Messenger app via secret conversations.

If you are interested in any of the above, you can more in this article from the Electronic Frontier Foundation.

References

Images

Dixon, Denelle. (2016, October 6). Promoting cybersecurity awareness [Blog post]. Retrieved from https://blog.mozilla.org/blog/2016/10/06/promoting-cybersecurity-awareness/. Licensed under CC BY-SA 3.0.

Diliman Network Helpdesk – University of the Philippines Diliman. Retrieved from https://dilnet.upd.edu.ph/

SAGE Journals

SAGE Journals has a portfolio that includes more than 1,000 journals, 950,000+ articles, 850,000+ articles with Deep Backfiles, and 500+ societies. 

SAGE is proud to publish the market-leading journal within nine Social Sciences Citation Index categories and two SCI categories,which include: Criminology & Penology; Cultural Studies; Education & Educational Research; Education, Special; Family Studies; History; Materials Science, Characterization & Testing; Orthopedics; Psychology, Applied; Psychology, Multidisciplinary; Psychology, Psychoanalysis; Psychology, Social; Rehabilitation; Social Sciences, Interdisciplinary; Social Work; Women’s Studies.

Content

International in scope | Peer-reviewed | High-quality | Interdisciplinary journal content

  • High impact: nearly 56% of SAGE’s journal content is ranked in the 2018 Journal Citation Reports® (Web of Science Group, 2019)*
  • Scholarly and professional: research published in partnership with more than 500 key societies 
  • Interdisciplinary: exceptional discipline coverage spanning the humanities, social sciences, and science, technology, and medicine

Discoverability

Consistent journal indexing | High visibility

  • Discovery services: journals are indexed in Summon (ProQuest), World Cat Discovery (OCLC), Primo Central (Ex Libris) and EDS (EBSCO)
  • E-Resource Management Services (ERM): weekly feeds that comply with KBART (Knowledge Bases and Related Tools) to all major ERMs
  • Subject databases: many SAGE journals also included in discipline-specific databases and discovery tools, such as PubMed, Scopus, and many more

Access

Multi-device | Cutting edge | Enhanced experience 

  • Responsive design: allowing a seamless multi-device experience
  • Enhanced experience: including clear PDF download options and article metrics powered by Altmetric.com
  • Usage statistics: COUNTER 5 compliant and available for download

» Access: Authentication token available in Google drive (UP Mail login required)
Expiry: 20 October 2020

SAGE Research Methods – Foundations and Video

SAGE Research Methods Foundations

SAGE Research Methods Foundations is the perfect companion for novice researchers. It provides bite-size, introductory overviews to all the major methods topics written by a renowned roster of methods experts, to help get you on your way. These accessible entries can help you get to the heart of the concept before you dig deeper into books or journal articles.

» Access: Authentication token available in Google drive (UP Mail login required)
Expiry: 06 October 2020


SAGE Research Methods Videos

These 480+ streaming videos cover every aspect of the research process and hundreds of qualitative, quantitative, and mixed methods.

» Access: Authentication token available in Google drive (UP Mail login required)
Expiry: 06 October 2020

BioOne Complete

BioOne Complete is a database of more than 200 subscribed and open-access titles in the biological, ecological, and environmental sciences. The flagship product of the nonprofit publisher BioOne, BioOne Complete provides libraries with cost-effective access to high-quality, curated research and independent society publishers with a dynamic, community-based platform and global distribution. BioOne Complete’s unique business model reinvests precious library funds in scientific communication, with over $45M returned to participating publishers to date.

» Access: Authentication token available in Google drive (UP Mail login required)
Expiry: 30 October 2020

EBSCO E-Book Academic Collection

EBSCO eBooks Academic Subscription Collection offers the e-books your students depend on for their research. This multidisciplinary collection includes thousands of e-books covering a large selection of academic subjects and features e-books from leading publishers and university presses.

Content Includes: *203,500 e-books
*total e-books vary by region; contact us for a title list
Subject Area(s): Multidisciplinary
Description: https://www.ebsco.com/products/ebooks/academic-collection

» Access: Authentication token available in Google drive (UP Mail login required)
Expiry: 20 September 2020

Journal of Visualized Experiments

URL – https://www.jove.com/journal

Science Education Series – https://www.jove.com/science-education-library

 JoVE is the world-leading producer and provider of science videos with the mission to improvescientific research and education. Millions of scientists, educators and students at thousands ofuniversities, colleges, hospitals and biopharmaceutical companies worldwide use JoVE for their research, teaching and learning. 

JoVE Journal is equipped with English sub-title option and JoVE Science Education is equipped withmany languages sub-title options, click bottom right CC button in video view to turn on/off andselect languages.

» Access: On campus within UP System, or register an account using UP Mail (@up.edu.ph)
Expiry: December 2021

Gale Databases (2020)

Gale/Cengage recently activated the trials of the following databases:

  • Gale Academic OneFile
  • Gale eBooks
  • Gale General OneFile
  • Gale Literature: Scribner Writer Series
  • Gale Literature: Twayne’s Author Series
  • Gale OneFile: News
  • BUSINESS TITLES
  • Library and Information Science

» Access: Authentication token available in Google drive (UP Mail login required)
Expiry: 15 July 2020

UPD Library Response to the COVID-19 Pandemic

A. Guidelines and Assistance for Faculty and Students to Access Library Resources

The above guidelines are updated as of 21 August 2020. Updates to these guidelines can be found in the following pages:

B. Library Guide to New Normal

* updated as of 3 August 2020

The full text of the Library Guide to New Normal can be found on pages 21-25 of the Post-ECQ Guidelines by the OVCAA.