The responses I had and am still having are overwhelming. Sorta like being spammed - in a good way though. I honestly didn't think that many people would be interested in security for libraries. Rather than individually add the over 100 responses to an email distribution list, I want to send out an invite to a Google discussion group - SEC4LIB. Here we can discuss security for libraries and also determine how to proceed in organizing the SEC4LIB group. This Google group may only be a temporary home until the group decides how best to move forward, communicate and share ideas: http://groups.google.com/group/sec4lib I want to clarify a few things as the SEC4LIB discussions move forward. As of now, this is an informal group to discuss and investigate existing security features and shortcomings of library services, applications, products, and solutions.This would include documenting, researching, investigating, and pen-testing library applications, services, products, and solutions. - Bring attention to the security aspect and concerns of library software, applications, services, products, and solutions - Address the concerns that as more enhancements to existing library applications, services, products, and solutions are implemented, securing those enhancements or new applications, services, products, and solutions are equally important - Work with vendors and providers to address security concerns in the products, services, applications, and solutions we depend on - Discuss general security practices and policies for library operations - Conduct research, investigations, and dialog in a professional manner Feel free to share this with colleagues and interested parties. V/R Erin Germ