An opportunity for individuals and teams to improve the system by building their own hack for prizes and bragging rights!
Open to individuals and teams working on a hack for either Polaris or Sierra. The hack can solve any problem. Hackers will have 24 hours to design and build their hack and a presentation explaining the problem being solved as well as the solution. Resources will be available during the pre-conference day to assist.
Presentations of the hacks will be made and awards given out during a happy hour at the end of Day One of the conference.
The Opening Session will include: Welcome and IUG Business Meeting lead by Jeff Campbell Innovative executive keynote providing an overall company, community and high-level product update Rapido Consortial Borrowing Launch Customer Spotlight Awards
Join us for happy hour, and watch the hackers from the IUG Hackathon present their ideas alongside Lightning Round presentations. An esteemed panel of judges will award gold, silver and bronze to the top hacks!
Lightning Rounds include: LibData: A True OS-Agnostic Patron Device Management Solution by Derek Brown Using Fail2Ban Works to Protect Services on Linux Server from AI Harvesters by Jeff Campbell Sierra Inventory, without using Circa by Tammy Poquette
Lightning Rounds will be held in a combined session with the Hackathon Presentations.
Join the Rochester Hills Public Library as we share our experience transitioning from Microsoft-driven patron and print management to a more flexible, OS-agnostic solution. In this session, we'll walk through our multi-phase strategy to move away from Microsoft-controlled services and servers, and how we evaluated a range of possibilities for time management, public printing, and device management. Our solution: LibData.
LibData offers an easy deployment process across Windows, Mac, and Chrome OS environments, whether managing devices on-premises or handling a large collection of loanable devices. Attendees will learn how to enroll and deploy Chromebook devices in minutes using secure PAPI/Innovative API account lookups.
Additionally, we'll demonstrate integrations with services like OnlyOffice for Chrome OS, ITC GoPrint for seamless print management, and iBoss web filtering to enhance security on loaned devices. Whether you're exploring alternatives for managing public-use devices or seeking a fully cloud-based management solution, this session will offer practical insights into how we leveraged LibData to meet our library's evolving needs.
Lightning Rounds will be held in a combined session with the Hackathon Presentations.
The lightning round will discuss the impact of AI bots harvesting our digital collections, the policy the library came up with to deal with AI bots, and how we are using Fail2Ban to protect library services.
Write Better SQL The first of a 2-presentation series delivered over two successive days. The goal is to be largely product-agnostic and to focus more on common concepts without deep dives into the database structure of either product. As these sessions are geared toward those already using Sierra/Polaris SQL, no session time will be devoted to getting connected to a database and writing basic queries. Topics will include: Understanding the different types of joins; common uses of unions; common table expressions (CTEs); adopting a consistent style for readability; producing Excel-friendly output. Audience members are encouraged to chime in at any time to round out the presentation with input from multiple perspectives. Likewise, questions will be encouraged throughout, including on tangential database topics. I will be working with one or more Polaris SQL experts to develop examples for the Polaris attendees.
Library data security is more important than ever. This session will explore practical strategies to protect patron information and comply with privacy regulations. Attendees will gain insights into potential threats, including phishing attacks and financial motives behind cybercrimes, and learn how to strengthen security without overwhelming staff with technical complexity.
The presentation will cover key security guidelines, emphasizing the importance of email vigilance, multi-factor authentication (MFA), and smart password management. Attendees will also discover technical measures such as vendor credential management, anti-malware tools, and secure backup strategies to safeguard critical systems.
Libraries are standing at multiple intersections of change where the roads extend not only into different directions, but different dimensions. AI isn't going away and it's coming for your library, whether you like it or not. Indeed, 'whether you like it or not' is the mantra of AI development and innovation. There are questions about the legalities of licensing vs ownership, the foundations of copyright, and the ownership of the past. Let's take a look at the landscape of Electric Libraryland, from traditional libraries to the underground. What happened, what's happening, and what might happen tomorrow? And what might you need to know when tomorrow becomes today?
Come and learn more about the MEEP process. We will discuss the life of an idea and how it gets submitted to then get voted on for enhancement. We will also cover how to get involved and answer any questions you have about the process.
With ransomware and cyber attacks on the rise, a review of how Clarivate handles system security. It includes a look at the security built into our software, the security of our hosting services, and how we review security with third-party partners.
I will go over the various disasters that have affected my library system since 2017 (Hurricane Irma (2017), an county-wide cyberattack (2019), Covid (2020), Hurricane Ian (2022), Hurricane Milton (2024)) and what we did before, during, and after to try and lessen the negative impacts on our users. Then it will be opened up to the attendees to share similar experiences, make suggestions, and ask questions. Although I will discuss actions that were done with our ILS (Polaris), I will also talk about what was done with other vendors (i.e. OverDrive) and other general actions (i.e. cyber security training implementation), so it's more of a General forum than necessarily Polaris-specific.
Minuteman Library Network (MLN) went live with libraryIQ in 2024. MLN is a particularly tough customer, posing plenty of challenges to both parties. MLN does not prefer to provide direct access to the server, and IQ wasn’t exactly sure what to make of 7,000+ collection codes which led to misinterpreted data on both sides. But thanks to a highly collaborative partnership we were able to work through all conflicts and had a successful launch. Come and learn how a library and vendor both approach the onboarding process and can work together to ensure that the ongoing needs of both parties are met. Co-presented with Sara Roberts and Cori Iannaggi of libraryIQ .
Creating effective training for public library staff requires a process that's both data-informed and adaptable. Cooperative Computer Service's (CCS) quarterly evaluation model uses feedback and data from select sources to identify and prioritize training topics for our public library consortium. This session will explore our streamlined approach to gathering and analyzing input, turning staff needs into actionable training plans. We'll discuss our methods for balancing quantitative survey data with qualitative insights, and how we leverage these findings to develop relevant, timely training initiatives.
Attendees will gain practical strategies for building responsive training programs. Join us to discover ways to create a training model that stays in tune with staff and organizational goals.
Andrew McDonald is the lead software developer at SILS. He will explain why SILS chose custom software solutions for its member library websites and consortial mobile apps. This choice comes with clear benefits, but also tradeoffs and risks which will be outline throughout the presentation.
Library staff are expected to manage large collections with little insight into actual use. How do you quickly decide what to remove, what to replace and how to budget? Rochester Hills uses libraryIQ to enhance their adult and teen collection through a variety of Discover tools that are created to ease the burden of decision making while highlighting gaps in the collection. Aurora Public Library uses libraryIQ to quickly and efficiently run weeding lists, transforming hours of work into a few clicks. Learn about the tool and the strategies that led to their success. Note: Co-presenters Jaylyn McCoy from Aurora Public Library and Sara Roberts from LibraryIQ
Administering an ILS at a library of any size can be a challenge, especially in situations which require communication across multiple departments and branches which do not often cross paths. This session will explore how Allen County Public Library (ACPL) ILS administrators have built a more cohesive work environment through the utilization of collaborative software tools including Office 365, FreshService, and others. Using these tools, the ACPL has improved communications and workflows related to:
--Moderated and collaborative communication platforms
--Project management
--Incident management
--And more!
Representing the ACPL ILS administrative team, Nathaniel Burnard and Matthew Etzel collectively have over 40 years of library experience across a variety of positions in libraries large and small. They currently share in leading a team which administers the ACPL collection of over 3 million item records and 200,000 patron records across 14 branches, which circulates over 5 million items annually.
Write Better SQL The second of a 2-presentation series delivered over two successive days. The goal is to be largely product-agnostic and to focus more on common concepts without deep dives into the database structure of either product. This session will resume wherever the first session ended. As time permits, additional topics will include: Creating and using temp tables; understanding and using window functions; writing performant SQL. Audience members are encouraged to chime in at any time to round out the presentation with input from multiple perspectives. Likewise, questions will be encouraged throughout, including on tangential database topics. I will be working with one or more Polaris SQL experts to develop examples for the Polaris attendees.
Cybersecurity isn't just a technology concern; it's a collective responsibility. Regardless of the size of your library, your role, or technical prowess, if you're connected, you're affected. While technical solutions are critical, they're only as strong as the people who use them. Staff training and awareness are crucial components in safeguarding library data and preventing breaches.
In this session, we will focus on the pivotal role library staff play in cybersecurity. You'll learn about the most common risks to users and how to recognize and mitigate them. Whether you're front-line staff or in a leadership position, this presentation will offer practical strategies to help you foster a security-conscious culture across your entire organization.
Whether you have a dedicated IT department or not, you'll leave with actionable insights on how to make cybersecurity an everyday part of library operations, ensuring both your library and its patrons remain safe from cyber threats.
SILS uses Kibana to present Polaris data in a way that's easy to understand, encourages staff engagement, and helps our libraries make informed decisions. This presentation will give an overview of the Kibana tools that bring library data to life with visualizations and dashboards. It will cover why dashboarding has become an integral component of our reporting toolset, why we chose Kibana over alternative products, how we use Elastic with Polaris and other data sources, and the challenges we've encountered along the way.
Whether you're a systems administrator leading a team or a lone librarian in multiple roles, the steps to create effective cybersecurity are available to you. Using ISO27001 as the underlying framework and emphasizing a proactive, 20/80 approach (20% effort for 80% results), this session will cover the fundamental knowledge for ensuring a more secure IT environment.
We will begin with a discussion of recent library ransomware attacks starting with the biggest: the London Public Library. What happened? How did the attacker get in? Exactly what systems were compromised and what could have been done to prevent it?
This will pivot to a more general topic: what does it mean to be hacked? What is access? This will lead to the first action point: the principle of least access. Least access means that all users only get the access they need to do specific tasks, i.e. administrator access should only be provided in a limited way. Had this been followed by the IT staff at the London Public Library, the attack would not have occurred.
From here the discussion will move to the ways in which Identity and access can be stolen and how that can be prevented. What does it mean to have your identity stolen? How does this happen and how do malicious actors obtain stolen identities? I'll talk briefly about the dark web only to make participants aware that large packages of stolen identities can be bought and sold. Knowing this make it easier to recognize common patterns of attacks (such as FIRSTNAME+LASTNAME+NUMBER@GMAIL.com as the sender in email).
By introducing this concept to participants, what I'm trying to point out is that most hacks occur through staff. Most of those are phishing attacks. What is phishing? I'll then point out a few basic phishing attacks--the generic one ('phishing') and the targeted ('whaling'). So, how can you prevent phishing? I'll introduce a few methods and provide supporting documentation: regular staff awareness training and emails, and anti-phishing plugins for email clients.
After this, I will briefly discuss password security. I'll bring up the recent revision to NIST 800-63-3B which attempts to wrangle many of the myths about password security by providing best practices. I'll also mention other practices such as using unique passwords for each service and secure, free ways to store passwords. I'll also introduce a few password generators such as Last Pass.
The remaining portion of the session will discuss more higher-level activities beginning with Data Security. What is data security? What is a good backup? How often does one take backups? And of what? I'll bring up the usefulness of Amazon S3 for this purpose, since it is effective and cheap but will provide other cloud solutions they may already have access to.
To begin a Data Security program, participants will need to conduct an Audit. Because there is so much data, it's important to sit down with various stakeholders in your institution and find out what data is truly essential to their activities. I'll show a simple worksheet to help manage this discussion with stakeholders and help rank which data and services are essential. I will also give participants a very simple email template they can send to their vendors to ask them what steps are being taken to secure their data. These responses from vendors can be used to fill in the worksheet.
The last topic is the Disaster Response planning meeting: a simple sitdown meeting with various stakeholders to discuss possible responses. I will use the worksheet from the previous section to show how participants can guide this discussion and get a useful outcome.
Have you been given cataloging duties? Not sure where to start? Does reading the rules feel like a Choose Your Own Adventure? This practical session (with a touch of theory) will cover the basic building blocks of cataloging and should leave you feeling more confident and ready to catalog!
This presentation will explore strategies to help staff navigate continuous change. It will also showcase innovative approaches to adapting workflows when faced with limited staffing. There will be time at the end to share ideas about what has worked or not worked for your library and staff.
