Our central IT maintains a help desk in the Library, which includes checking out laptops (and chargers, and other equipment) through our library system. And they get a fair amount of traffic during their operating hour.
But the equipment loans are very much a mediated process, not self-service. And the user information is wiped upon return.
-Tod
Tod Olson <[log in to unmask]<mailto:[log in to unmask]>>
Systems Librarian
Interim Head of Integrated Library Systems
University of Chicago Library
On Mar 10, 2023, at 12:53 PM, Brent Palmer <[log in to unmask]<mailto:[log in to unmask]>> wrote:
We loan laptops and looked into the kiosk solutions originally and ruled them out as too expensive. (And from what I remember they generally just use Deepfreeze-like software to wipe them anyway). We shied away from the deep-freeze like option because we could imagine situations where patrons lost data because they didn't plug the laptop in in time. It seems like there should be a Deepfreeze where it's triggered on demand instead of by a restart, but at the time I couldn't find one.
So one of my guys came up with a technique where the laptops had a separate partition with an image of the OS partition saved to it. So when the laptop came back the circ staff would plug in a USB with a live version of Linux on it. There was a button on the linux desktop that would run a script that would use clonezilla to reimage the OS partition from the other partition on the laptop. As I'm writing this, it is sounding very Code4lib-ish.
In the end I decided the time we spent on maintenance for these got to be too much. He was spending too much time when it was time to do windows updates because it involved reimaging the OS back to the second partition after the updates (He had to put a hold on all of them and as they came back they would get cycled to IT and back into circulation). Also there were too many physical repairs as well. So I just told them that if they want to circulate laptops, we have to switch to using cheaper Chromebooks.
So now, the Chromebooks come back and get power-washed and that's it. And no repairs, just replacements.
Brent
Iowa City Public Library
-----Original Message-----
From: Code for Libraries <[log in to unmask]<mailto:[log in to unmask]>> On Behalf Of Hammer, Erich F
Sent: Friday, March 10, 2023 12:33 PM
To: [log in to unmask]<mailto:[log in to unmask]>
Subject: Re: [CODE4LIB] Securing Loaner Laptops
Mike,
I brought this up on the LABMGR listserv a couple years back, and there was enough discussion that someone arranged for a virtual panel discussion (that I was unfortunately unable to attend).
The general consensus was that because of the zeroth rule of security ("Without physical security, there is no security."), laptops pretty much have to be wiped between users. If you are going to wipe it anyway, you may as well give the user admin rights so they can do what they need.
We haven't gotten back into lending laptops mostly for budgetary reasons, but if we do, that is the model we will be following. I don't know if we will try to establish our own procedure, or go with a laptop "vending machine" kiosk. My understanding is that those are designed to wipe and re-image the machines when they are returned.
Erich
On Friday, March 10, 2023 at 12:58, Mike Paulmeno eloquently inscribed:
To All:
I have a question for the group. Does anyone here
work at an institution which lends laptops out? Our campus is going
to implement such a program. The impetus is coming from IT and the
student government, but the library will be involved as the plan is to use self-checkout machines.
We're wondering how other institutions secure the laptops themselves.
Do you wipe them after each use or just use something like Deep
Freeze/lock the devices down so people can't install anything?
Best,
Mike
Michael Paulmeno Systems Librarian Lucy Scribner Library, 210 Skidmore College (518) 580-5505 [log in to unmask]<mailto:[log in to unmask]><mailto:[log in to unmask]> He/Him/His
