Computer Security
Self-Assessment Checklist

Take this self-assessment test to find out about the security of your computer system and environment. Each section of the test addresses a different aspect of security, and each aspect is important for protecting your computer and data.

Physical Security --Are your computers & other electronic equipment (fax machines, printers, modems, servers, routers and hubs) ready to be stolen?



1. Is there a deadbolt OR comparably secure lock on each exterior door of your building ?    

2. Are your computers & other electronic equipment located in areas that are not easily accessible to someone who might steal them or their components?



3. Does your library have a clean record for the past year with no unsolved theft or vandalism of computers or other equipment OR if still unsolved, have you taken measures to prevent reoccurrence?



4. Are all offices, including technical service areas, closed to the public when no staff are there?



For more information about protecting your computers from physical damage or theft go to

Virus Protection -- Are you practicing safe computing?



1. Do you have anti-virus software installed on every computer that can access the Internet?



2. Have the anti-virus software definitions been updated within the past month?



3. Do you have a regular schedule for updating virus definitions?    
4. Do you have a regular schedule for scanning your hard drive for viruses OR do you have a regular schedule to restore from a trusted backup?

5. Do you check all removable drives (floppy disks, portable hard drives) each time for viruses, including those you move between your home and office computers?



6. Does your Internet Use Policy address procedures to control the possibility of getting viruses from patron use?    

For more information about computer viruses go to

Protecting the Confidentiality of Sensitive Data -- How do you handle sensitive data?



1. Are all staff who work with patron records aware that it is sensitive information?



2. Do you require passwords to access your computers at all times?    
3. Do you have Millennium and Telnet (NetTerm) installed only on computers that are not used for public access OR installed only on passworded computers to which the public only has access to other areas?



4. Are routers, servers and switches in your library protected by passwords (not the default ones they were shipped with)?    
5. Do you not allow confidential data to be stored on terminals used for public access (this includes patron mailing lists, storyhour registration lists,...)



6. Have you changed MilCirc passwords in the past six months?



7. Have you changed MilCat passwords in the past six months?    
8. Have you changed Telnet (NetTerm) passwords in the past six months?    
9. Do you have unique passwords for every individual on staff?    

10. Do you have a procedure for protecting the confidentiality of sensitive information, including changing of passwords, when a staff member leaves your employment?

11. Do you have a procedure that outlines which staff members have access to passwords and the secure location where they are kept?    

For more information about using passwords well go to

Disaster Recovery -- Are you vulnerable to disasters?



1. Do you have duplicates of important paper files?



2. Have you backed up your computer files this week?



3. Is your backup data stored outside of your building?



4. Do you have a Board-approved written policy outlining a plan in the event of a natural or man-made disaster that affects the library facility, holdings, or staff and patrons?



Your library must be able to answer yes to all questions in order to authenticate the security of your computers to MHLS.