 |
 |
Balancing security and privacy with EZproxy In recent months, we have been contacted several times by one of our vendors about our databases being accessed by rogue Chinese IP addresses. With the massive proliferation of online security breaches and password dumps, attackers are gaining access to student accounts and using them to access subscription resources through EZproxy. The vendor catches this happening and alerts us sometimes, but probably more often than not we have no idea. When we do find out, we force the students to change their passwords. We currently log IP addresses in EZproxy and can see when one of these rogue IP addresses is accessing a resource. However, we do not log user IDs in EZproxy, so we can’t tell which student account was compromised. Logging the user IDs would be a quick fix, but it has major privacy implications for our patrons, as we would have a record of every document they access. Have any other institutions encountered this problem? Are any best practices established for how to deal with these security breaches? I apologize for cross-posting. Josh Welker Information Technology Librarian James C. Kirkpatrick Library University of Central Missouri Warrensburg, MO 64093 JCKL 2260 660.543.8022