Digital Collections Security
This guidance identifies requirements for the safeguarding of access to and preservation of the Library's digital collections while they are in storage.
Digital collections security is concerned with controlling, monitoring, and auditing access to stored digital collection content. Just as the Library controls access to physical media in its storage spaces, these DCMC protocols provide for the control and protection of digital materials. For instance, digital collections security policies and systems ensure that appropriate controls prevent unauthorized access, changes, deletion, or removal of collection content. These differ from enterprise-level IT security and infrastructure responsibilities, such as network maintenance and communications support, as explained further under “Responsibility for Digital Collections Content and Storage Systems”.
To safeguard digital collections, the Library will develop and follow policies to ensure that only authorized user accounts and systems may modify digital collection content. Inventory systems maintain logs of actions on digital content by digital content managers as well as systems. No single user should be able to unilaterally move or delete digital content without following an established procedure or system protocol, which can be monitored according to the documentation and recordkeeping of actions in inventory logs. Deletions of content from the permanent digital collections should be approved by the chief of the division custodial for the content.
User permissions. Currently, Digital Content Managers hold permissions in approved inventory systems according to their involvement in projects/processes and custodial responsibility requirements. Digital Content Managers undertake actions to update or repair the inventory, and to process and describe content. Custodial divisions shall grant permissions within approved inventory systems to each Digital Content Manager based on custodial duties and responsibilities. The control and permissions of users should be stated by administrators in custodial units but managed and controlled by the inventory system.
Account review. The Digital Collections and Management Services division coordinates periodic account review processes. This review ensures that appropriate access levels are maintained for digital content managers, and that account holders and system users represent currently active Library staff.