Hardening the Target In the Face of AI Bots
Submission Date
Question
[This question came to us in response to the RAQ Does the Rise of AI Mean Public Libraries Should Stop Posting Policies to Ensure Security?, where a footnote said “It is possible we are long past the end of the ‘open internet,’ and more things need to be restricted, both for legal and operational reasons. Hopefully we’ll get a question about that soon, because I have a lot to say.”]
Can we talk about putting things behind a log-in to avoid misappropriation of content? I have pretty much taken this question from the 10/14/25 Ask The Lawyer’s “Does the Rise of AI Mean Public Libraries Should Stop Posting Policies to Ensure Security?” response. It strikes me as an important topic as I recently read the Library Journal September 2025 article “AI Bots Cause Slowdowns, Crashes” (on pages 12-13).
Answer
Yes, we can talk about putting things behind a log-in to avoid misappropriation of content! Thank you for asking.
At the same time, we can (and must) talk about putting things behind a log-in to avoid problems with security, privacy, intellectual property, and data integrity.
Of course, by “things,” we mean “websites,” which are now a significant part of the services provided by libraries, museums, and archives.
Because websites perform a huge array of functions, for purposes of this question, we are going to talk about library, museum, and archival websites that perform the following functions:
- Business information presentation (“About us,” “Our team,” “Policies,” etc.);
- Data repositories (archives and online collections);
- Searching the website and/or repository; and
- Integrated library systems services.[1]
Common website functions this question is NOT going to specifically cover are:
- Financial transactions (like donating to a museum over a website);
- Collaborative research (like crowd-sourcing a survey);
- Interactivity (for example, a social media site).
We’ll tackle those another day.[2]
Why am I narrowing the scope this way?
After 30 years of development,[3] libraries, museums, and archives use their websites as alternatives for their physical locations. The value of this—if it was ever in question—was shown during the COVID-19 Pandemic.
Because of this, such websites must be:
- Mission-focused;
- Consistent and reliable;
- Compliant; and
- Trusted.
Current trends in Internet activity show that the risks that were always present when operating and relying on a website are only getting starker. In addition to the operability risks flagged in the Library Journal article cited by the member, the risks posed to security, privacy and data integrity are significant, too.
Here is a short, fictional story that illustrates some of those risks, in combination with a few other factors:
***START OF SCENARIO***
The Scribe Museum is a beloved institution in Tinytown, New York. Tinytown is the birthplace of Daniel D. Scribe, who kept the minutes at the first meeting of an important civil rights organization.
The Scribe Museum is a solid limestone building that has the physical collection of the complete works of Daniel D. Scribe, and recently, it digitized its entire collection. The digital collection is hosted by another group, which subcontracts services to a cloud provider.
To preserve the physical collection while the building’s heating, cooling, and ventilation system is replaced, the Scribe Museum rents a temporary location and moves the archival material per established best practices.
The Scribe Museum’s website is www.scribemuseum.net, hosted by GoMommy.com. The digital collection is open to all. The website says “While our archives are safely off-site and our building is being given some TLC, peruse our digital collection! Civil rights are always open.” The Scribe Museum’s leadership is savvy and does not make the location of the relocated physical archives broadly known.
A person with a lot of free time decides that the Scribe Museum’s civil rights mission is too “woke.” They spend a few weeks patiently downloading the full archive in small tranches and then launch a bot attack to deny service by the website. They then modify the scanned documents to change them in small but nasty ways, create an alternate website at www.scribemuseum.not, and post them to various social media sites to disseminate.
The villain also hacks the Scribe Museum’s server and holds the content for ransom, gets access to and posts all their emails, and uses social engineering to find the physical location of the archive for some old-fashioned property destruction. They also deliver some pizza to every board member as a “message.”
***END OF SCENARIO***
Ugh. Just writing that out was... not fun.
So how can a library, museum, or archive use a log-in system to help avoid this scenario?
We have to face it head-on: there is no one way to avoid this type of scenario, including use of a log-in. Rather, libraries, museums and archives must use a combination of log-in, enhanced security, back-ups, intellectual property protections, and (most critically) training human beings to be safer, or as I call it, “harden the target.”
How does a library, museum or archive harden the target of its website?[4]
Several things:
First, a library, museum, or archive must consider the security and architecture of its website. Is it ready to withstand an attack? Is it set up to be resilient? What level of functionality must it have assurance of?
To answer these questions, the institution must consider—and deeply reconsider—the purpose of its website. Is the website just a directory service (“Get here,” “Accommodations,” “Admission,” etc.), or is the content a core service? Does all the content currently on it have to be there? If so, does the benefit of immediate access outweigh the risks?
After asking these questions, the institution must consider the information it puts on its “open-to-all” part of the website, what it might want to put behind a log-in screen, and what should only be accessible after some human contact. For each level of access, the risk of it being compromised should be worth the benefit of having disclosed it.
As the article cited by the member points out, this change is viewed as an existential threat by many cultural institutions. But while it is certainly a big change, it is also a chance to reinvest in human connectivity in addition to evolving technology.
Here are examples of how this opportunity can benefit an institution:
Example 1: After assessing its mission and website, a museum posts only its essential “about us” information on its unrestricted webpages. Wanting the website to stay engaged and dynamic, it also regularly showcases 20 examples of its prime collection, unrestricted and with metadata, on its website and social media. It then allows standing access to search its full digitized collection with a free log-in. To obtain a log-in, a user provides information to authenticate them as a valid user and agrees to the “Terms of Use.” When logged in during open hours, the user also has the ability to live-chat with a real human at the museum, a position that was specifically designed and built into the budget while the website presence was updated.
Example 2: After assessing its mission and website, a library posts all its “about us” information on its unrestricted web pages. Library users with cooperative library system cards can log in to perform all functions on the integrated library system (catalog search, reserves, seeing what books they have checked out). The library also has a separate log-in for those who are interested in its Rare Books Room; that log-in page is accessible after a general page describing the special collection in broad terms. Users without a library card can also call the library to make an appointment to view the rare books.
Example 3: After assessing its mission and website, an author’s archive posts its mission, location, fundraising, and contact information on its unrestricted web pages. The archive is by appointment only, onsite or via videoconference. Except for a few teaser documents to showcase the scope of the archive, the digitized version of the archive is similarly accessible on-site only. The archive invests in people being on-site and using technology to connect with those who want to work with the content. Since the content is still protected by copyright, the archive also registers and takes steps to put the proper notation on digitized content.
Example 4: After assessing its mission and website, a public university with a digital repository of over 200,000 documents related to health and wellness decides that the mission of the repository is only served if the repository can be searched and accessed without a barrier (such as a log-in). The university works with its IT staff and contract provider to design and invest in a database structure that can withstand periodic high “demand” caused by bots or targeted attacks and has a back-up in the event the primary site is interrupted. The university also develops an AI tool to assess when times of high demand require added resources.[5] The university develops and registers a trademark for the repository and uses it in key areas of the service. Workers are also trained and scheduled to be available on-demand for people who need help with the database. Although the extra design and security add costs, it is decided that the added reliability merits the expense.
In each of these scenarios, the institution is using its mission to determine what needs to be freely online without the barrier of a log-in and what should be further restricted. Just as critically, the institution is considering how human talent fits in and how the institution keeps the resource secure and resilient.
Here at the end of 2025, it is really, truly time to take a long, hard look at what is freely available on websites.
Just like the Internet changed the world in the 90s, AI and its ability to warp the Internet is changing the world in the 2020s. Wise institutions will use this as an opportunity to review their mission, assess their needs, and “harden the target” by structuring their online presence and policies to meet the needs of the present. The good news is that a key part of that is investing in people.
Thank you for a great question!
[1] Such as borrowing and reserving books, inter-library loans, and catalog searches.
[2] Or not! It depends on if the need arises.
[3] Or perhaps more. Many libraries were early adopters of the Internet.
[4] Hardening the target is not just about the online presence. It also involves having an updated Workplace Violence Prevention Policy, having an emergency response plan, being ready to work with authorities in the event of a threat, having adequate insurance, registering trademarks and copyrights, identifying and protecting trade secrets, and continuous training of and support for frontline staff. But this answer pertains to websites.
[5] Do not avoid the use of trustworthy AI. Just take the steps to verify that it is trustworthy and re-evaluate that finding regularly. For more on that, see The Ultimate AI Policy for Your (Public, Academic, Museum, etc.) Library on the Ask the Lawyer Webinar Recordings Page.