When choosing to purchase content or technology, besides contemplating cost, functionality, and benefits, libraries must consider data privacy and security. A 2018 study by Opus and Ponemon Institute found that almost 59 percent of companies experienced a data breach linked to a third-party vendor. The same now holds true for higher education. A recent article in Security Boulevard underscored as much, noting that:
“COVID-19 has been something of a perfect storm for colleges and universities. As we uncovered in our recent Education Cybersecurity Threat Index, the pandemic has made addressing cybersecurity weaknesses an urgent operational necessity in higher education. Between the changing nature of how education is delivered, and emboldened threat actors, higher ed now faces an unprecedented threat level.”
In similar vein, the Wall Street Journal notes that:
“Schools struggling to stay open get hit by ransomware attacks; districts around the U.S. are fighting a wave of increasingly aggressive hackers, who are publicly posting sensitive student information.”
The implications are clear; today, maybe more than ever before, security considerations must take center stage when procuring library systems and services.
The implications are clear; today, maybe more than ever before, security considerations must take center stage when procuring library systems and services.
The implications are clear; today, maybe more than ever before, security considerations must take center stage when procuring library systems and services. At EBSCO Information Services (EBSCO), we implement system and data security policies and standards in different areas of our operations. We have thereby attained ISO 27001 compliance and certification for our core products and services through a rigorous audit and assessment of processes. Through our ISO 27001 certification, which was done by internationally acclaimed auditing and certification bodies, libraries can have complete trust in EBSCO’s product and services’ security and user data protections. Products covered in the ISO 27001 certification include EBSCO Discovery Service™ (EDS), EBSCOhost® and our hosting of the FOLIO Library Services Platform (LSP), to list a few.
Beyond the ISO 27001 certification, we ensure the security of our services through our hosting environment and the expertise of our Information Security teams. We host FOLIO on Amazon Web Services (AWS), which provides for high reliability and application and data redundancy. AWS thereby delivers robust security standards for data and account (users) access including ongoing monitoring and alerting and real-time notifications of performance and security vulnerabilities. Importantly, EBSCO’s Information Security team holds specific certifications specializing in information systems, intrusion analysis and prevention, incident handling, computer forensics, in addition to having years of experience working with industry security best practices.
EBSCO is dedicated to implementing and supporting the most current standards-based approaches in accessibility, data security and compliance. Our continuous commitment is to preserve the confidentiality, integrity and security of personal information while ensuring exceptional usability for all customers and users.