Balancing security and privacy with EZproxy
In recent months, we have been contacted several times by one of our
vendors about our databases being accessed by rogue Chinese IP addresses.
With the massive proliferation of online security breaches and password
dumps, attackers are gaining access to student accounts and using them to
access subscription resources through EZproxy. The vendor catches this
happening and alerts us sometimes, but probably more often than not we have
no idea. When we do find out, we force the students to change their
passwords.
We currently log IP addresses in EZproxy and can see when one of these
rogue IP addresses is accessing a resource. However, we do not log user IDs
in EZproxy, so we can’t tell which student account was compromised. Logging
the user IDs would be a quick fix, but it has major privacy implications
for our patrons, as we would have a record of every document they access.
Have any other institutions encountered this problem? Are any best
practices established for how to deal with these security breaches?
I apologize for cross-posting.
Josh Welker
Information Technology Librarian
James C. Kirkpatrick Library
University of Central Missouri
Warrensburg, MO 64093
JCKL 2260
660.543.8022
|