Following on from my last blog, I’m also amazed that security is never considered by these ‘cobblers’. If the software is freely available to download on the worldwide web, then it can be downloaded by any Tom, Dick or Harry – or should I say: Tomsk, Ricardo or Cheng.
Free archive software allows them to discover how any security has been implemented. And quickly and easily work out how to breach it. Many hackers even do it for fun!
Organisations that hold valuable, or private internal corporate collections spend thousands of pounds on staff time, web design and then select a “free” digital archive, downloaded off the web and think they have a bargain!
Often those costs are peanuts compared to the costs of producing, digitising and captioning the assets. They are called assets because they have value.
Years ago I was told a story by an archivist who mentioned that a “friend of his” – so it was obviously him – had been to an Eastern European country to try to set up an agency agreement. Moving into the new digital arena they had saved costs by using a free library system. It had been happily running for their UK market for 6 months without any concerns. And the internet opened up worldwide marketing possibilities.
From the time they left the meeting, visited Red Square, museums and other outstanding tourist attractions and landed back in the UK – every single image in their media library had been downloaded. Naturally the agency deal never materialised.
He was banging on my stable door after his assets had bolted, desperate for a secure library!
Freely available or “community” built media libraries by their very nature disclose every facet of their system.
Called ‘Free’ because it is a condition of using their system that you include “their library name, their copyright, their licence” within in your web code – you must not remove it – thus making it easily searchable and identifiable as a target archive. More fool you.
Commercial providers fiercely hide and encrypt their DAM security
I know one collection at the very top of the British tree is going to rue the day they ever selected a free library. A hackers target if ever there was one.
In the past weeks I’ve been contacted by the owner of a website built using popular freely available software. They are being hacked every day. They asked their web expert and provider to remove all user access and passwords, only retaining a new administrator login. All fine for one week, a sigh of relief – and then the hacking started again. Frighteningly, this is the same free software that is used by a number of small museums as the gateway to their archives. The gate is wide open.
When they say it’s FREE. They are right – it’s free for the taking.
Why do it when for £295 a month you can get started with a hosted MediaFiler that is secure and used by government department, the police, education and corporations where security is paramount.