Creating effective training for public library staff requires a process that's both data-informed and adaptable. Cooperative Computer Service's (CCS) quarterly evaluation model uses feedback and data from select sources to identify and prioritize training topics for our public library consortium. This session will explore our streamlined approach to gathering and analyzing input, turning staff needs into actionable training plans. We'll discuss our methods for balancing quantitative survey data with qualitative insights, and how we leverage these findings to develop relevant, timely training initiatives.
Attendees will gain practical strategies for building responsive training programs. Join us to discover ways to create a training model that stays in tune with staff and organizational goals.
Andrew McDonald is the lead software developer at SILS. He will explain why SILS chose custom software solutions for its member library websites and consortial mobile apps. This choice comes with clear benefits, but also tradeoffs and risks which will be outline throughout the presentation.
Library staff are expected to manage large collections with little insight into actual use. How do you quickly decide what to remove, what to replace and how to budget? Rochester Hills uses libraryIQ to enhance their adult and teen collection through a variety of Discover tools that are created to ease the burden of decision making while highlighting gaps in the collection. Aurora Public Library uses libraryIQ to quickly and efficiently run weeding lists, transforming hours of work into a few clicks. Learn about the tool and the strategies that led to their success. Note: Co-presenters Jaylyn McCoy from Aurora Public Library and Sara Roberts from LibraryIQ
Administering an ILS at a library of any size can be a challenge, especially in situations which require communication across multiple departments and branches which do not often cross paths. This session will explore how Allen County Public Library (ACPL) ILS administrators have built a more cohesive work environment through the utilization of collaborative software tools including Office 365, FreshService, and others. Using these tools, the ACPL has improved communications and workflows related to:
--Moderated and collaborative communication platforms
--Project management
--Incident management
--And more!
Representing the ACPL ILS administrative team, Nathaniel Burnard and Matthew Etzel collectively have over 40 years of library experience across a variety of positions in libraries large and small. They currently share in leading a team which administers the ACPL collection of over 3 million item records and 200,000 patron records across 14 branches, which circulates over 5 million items annually.
Write Better SQL The second of a 2-presentation series delivered over two successive days. The goal is to be largely product-agnostic and to focus more on common concepts without deep dives into the database structure of either product. This session will resume wherever the first session ended. As time permits, additional topics will include: Creating and using temp tables; understanding and using window functions; writing performant SQL. Audience members are encouraged to chime in at any time to round out the presentation with input from multiple perspectives. Likewise, questions will be encouraged throughout, including on tangential database topics. I will be working with one or more Polaris SQL experts to develop examples for the Polaris attendees.
Cybersecurity isn't just a technology concern; it's a collective responsibility. Regardless of the size of your library, your role, or technical prowess, if you're connected, you're affected. While technical solutions are critical, they're only as strong as the people who use them. Staff training and awareness are crucial components in safeguarding library data and preventing breaches.
In this session, we will focus on the pivotal role library staff play in cybersecurity. You'll learn about the most common risks to users and how to recognize and mitigate them. Whether you're front-line staff or in a leadership position, this presentation will offer practical strategies to help you foster a security-conscious culture across your entire organization.
Whether you have a dedicated IT department or not, you'll leave with actionable insights on how to make cybersecurity an everyday part of library operations, ensuring both your library and its patrons remain safe from cyber threats.
SILS uses Kibana to present Polaris data in a way that's easy to understand, encourages staff engagement, and helps our libraries make informed decisions. This presentation will give an overview of the Kibana tools that bring library data to life with visualizations and dashboards. It will cover why dashboarding has become an integral component of our reporting toolset, why we chose Kibana over alternative products, how we use Elastic with Polaris and other data sources, and the challenges we've encountered along the way.
Whether you're a systems administrator leading a team or a lone librarian in multiple roles, the steps to create effective cybersecurity are available to you. Using ISO27001 as the underlying framework and emphasizing a proactive, 20/80 approach (20% effort for 80% results), this session will cover the fundamental knowledge for ensuring a more secure IT environment.
We will begin with a discussion of recent library ransomware attacks starting with the biggest: the London Public Library. What happened? How did the attacker get in? Exactly what systems were compromised and what could have been done to prevent it?
This will pivot to a more general topic: what does it mean to be hacked? What is access? This will lead to the first action point: the principle of least access. Least access means that all users only get the access they need to do specific tasks, i.e. administrator access should only be provided in a limited way. Had this been followed by the IT staff at the London Public Library, the attack would not have occurred.
From here the discussion will move to the ways in which Identity and access can be stolen and how that can be prevented. What does it mean to have your identity stolen? How does this happen and how do malicious actors obtain stolen identities? I'll talk briefly about the dark web only to make participants aware that large packages of stolen identities can be bought and sold. Knowing this make it easier to recognize common patterns of attacks (such as FIRSTNAME+LASTNAME+NUMBER@GMAIL.com as the sender in email).
By introducing this concept to participants, what I'm trying to point out is that most hacks occur through staff. Most of those are phishing attacks. What is phishing? I'll then point out a few basic phishing attacks--the generic one ('phishing') and the targeted ('whaling'). So, how can you prevent phishing? I'll introduce a few methods and provide supporting documentation: regular staff awareness training and emails, and anti-phishing plugins for email clients.
After this, I will briefly discuss password security. I'll bring up the recent revision to NIST 800-63-3B which attempts to wrangle many of the myths about password security by providing best practices. I'll also mention other practices such as using unique passwords for each service and secure, free ways to store passwords. I'll also introduce a few password generators such as Last Pass.
The remaining portion of the session will discuss more higher-level activities beginning with Data Security. What is data security? What is a good backup? How often does one take backups? And of what? I'll bring up the usefulness of Amazon S3 for this purpose, since it is effective and cheap but will provide other cloud solutions they may already have access to.
To begin a Data Security program, participants will need to conduct an Audit. Because there is so much data, it's important to sit down with various stakeholders in your institution and find out what data is truly essential to their activities. I'll show a simple worksheet to help manage this discussion with stakeholders and help rank which data and services are essential. I will also give participants a very simple email template they can send to their vendors to ask them what steps are being taken to secure their data. These responses from vendors can be used to fill in the worksheet.
The last topic is the Disaster Response planning meeting: a simple sitdown meeting with various stakeholders to discuss possible responses. I will use the worksheet from the previous section to show how participants can guide this discussion and get a useful outcome.
Have you been given cataloging duties? Not sure where to start? Does reading the rules feel like a Choose Your Own Adventure? This practical session (with a touch of theory) will cover the basic building blocks of cataloging and should leave you feeling more confident and ready to catalog!
This presentation will explore strategies to help staff navigate continuous change. It will also showcase innovative approaches to adapting workflows when faced with limited staffing. There will be time at the end to share ideas about what has worked or not worked for your library and staff.
