[OPEN-ILS-DEV] a question of security

John DeRosa technology at aptalaska.net
Mon Dec 14 18:23:19 EST 2009


Hello Evergreen community,

This is my first email to the community. I have been employed as the
technology coordinator in the Haines Borough Public Library in Haines,
Alaska, for the past 5 months. I am new to the Evergreen system.

Evergreen was picked as a solution for our library earlier this year before
my tenure. We have a small, isolated community of about 2000 people with a
healthy percentage involved in the library. I am aware that Evergreen has
some very large installations.

During the planning and negotiations stage and before my time here, security
concerns were brought up. Network and security folks with more experience
than me in that area stated that "network 101 security" says that your
database should be in a more secure location than the webserver. There was
great concern expressed that private patron information could be hacked if
someone gained access to the webserver.

Working with ESI, our installation of Evergreen was broken up between two
servers with the database and some other services on a server behind a
firewall and the webserver on the front-end server. The system is up and
running.

This solution is less than perfect. Maintenance has become a headache as
stopping and restarting the servers is time-consuming and not error-proof
for a neophyte like me. I have also expressed security concerns with the
technology that allows these servers to communicate. Having Evergreen split
between these two servers has added a level of complexity that makes my job
more difficult.

So, finally, here are my questions. What are you guys doing out there? Have
you seen this as a problem? Have you had security concerns with the
Evergreen system running on one server? Has anyone done what we've done
here? Have you seen security breaches with the standard Evergreen
installation? Any other information you could send me would be greatly
appreciated.

Thanks,

John DeRosa

Haines Borough Public Library

907-766-3830 ext 3

technology at aptalaska.net