Friday, September 7, 2012

How LibraryWorld Keeps Your Data Safe

One important question that we work hard at LibraryWorld to address is the security of your data. For a cloud-based automation company, security of our customers data is of paramount importance to us, and we have gone to extensive measures to ensure that things stay that way. Users who are accustomed to storing their data locally on software drives often wonder how we can ensure that their data stays safe off-site. When we discuss security with our staff, we speak about three main areas of focus: the physical security of the drives themselves, data security as it relates to how the data is backed up, and access security, which limits access to data to only authorized viewers.

Physical security

LibraryWorld servers are housed on the 14th floor of a regional federal government offices building, which includes a Tier III Data Center protected by on-site officers, mantraps, biometrics, CCTV, key card controls and a Pre-action fire suppression system. Data centers house an organization's most valuable and irreplaceable information, so obtaining a secured environment with robust connectivity to colocate customer data was paramount. This is why we chose to partner with CoreSite and house our servers at an Internet Exchange Point, known as MAE-West.

Data Security

Library data is stored on RAID 1 Mirrored Solid State Drives. Backups are performed each night with archival backups kept for 4 days and monthly backups kept for 6 months. Backup data is stored off-site for location redundancy. This means that even if an unexpected event were to restrict our access to the main servers, your data would still be backed up and safe at an offsite location.

We believe our security provides as good or better privacy than most locally stored systems. In some ways, by the mere fact that the data is physically removed from local hands, there is a built-in level of security over locally stored, and locally tempted unauthorized access. This is an inherent benefit to cloud computing.

Access Security

Each library has a separate database where all records are stored. Records are not shared between library databases which might allow a user to access patron data in a library other than their own. You have to have a username and password that has rights to a specific library database to see the patrons and collection information for that library. Since the data is hosted in separated databases, even buggy code would find it extraordinarily hard to accidentally access patron information the user doesn't have read access to.

One final question that is often asked is whether or not LibraryWorld will restrict access to catalog and patron records if a membership is terminated.  There are no removal fees, no hidden loop holes--we keep your data safe as long as you are member of LibraryWorld and immediately release it back to you when you discontinue service. You can always export your catalog and patron records in standard formats. If your subscription times out and you do not want to renew, we will reactivate the subscription for a short time so you can export your data. We will allow access to catalog and patron information for up to one year after your subscription ends.

We are always open to feedback and questions, especially around the safety of your data. If you have any questions regarding the content discussed in this e-mail, please address your question to