Library Technology Guides

Document Repository

Smart Libraries Newsletter

Smart Libraries Q&A: Staff use of Service Desk Computers

Smart Libraries Newsletter [March 2020]


Many libraries used shared accounts to log into staff computers at public service points. Can you discuss benefits and risks with this and also share your recommendation on using shared accounts versus individual user accounts?

Many libraries find it convenient to use a generic account for computers at service points. This practice makes it easy for different staff members to perform routine tasks without the need to continually switch user accounts. In most cases, using a generic account in this way does not introduce any security risks or other concerns. But here are some issues to consider.

Computers at service points operate with at least two levels of user accounts—one associated with the computer's operating system and the other with the software for the ILS and related applications. The generic operating system account used for service points should be highly restricted and not have access to shared files and documents. The account for the ILS would be configured to access the least possible features needed to perform tasks associated with that service point.

At a service point designated primarily for circulation, tasks related to other modules, such as cataloging and acquisitions, would naturally be disabled. Some limited editing capabilities might be enabled such as the ability to create a temporary record for items presented for borrowing that may not have a record in the system.

Other common scenarios involve the need to access additional functionality beyond that configured for a generic service desk account. Some transactions may need special permissions such as the ability to forgive fines, extend loan periods, or make changes to bibliographic records. Some ILS products handle these scenarios by prompting for an override password that could be entered by a supervisor for one-time access to a restricted function. Otherwise, it would be necessary to have a fast way to log the application in with an account associated with a higher level of permissions.

Using a generic account usually works well for collecting statistics and analytics. It is usually important to capture the number of transactions conducted at a given service point rather than by the staff members. Whether it is through a generic account dedicated to a service point or other staff accounts used, it is important to be able to gather comprehensive statistics for each service point. There should be no impact regarding the data recorded for patron transactions and the treatment of personally identifiable data.

The situation changes if staff members need to perform other types of tasks with the computers at the service points. During periods of inactivity, a staff member may need to work on reports or other activities that require access to the library's shared file system. In these cases, it should be possible for the service desk computer to be logged into that staff member's network account. It is important that the computer be returned to its generic account when that staff member is not present.

Another level of account access involves services accessed through the computer's web browser. It's common for staff members to access email, social media, and other accounts while stationed at a service desk. In most cases, this should not interfere with service desk transactions. The main concerns involve accidently enabling access to a staff member's personal or work files by others that may subsequently use that computer. Once logged in, sessions on these services can be quite persistent. Even if the browser window or tab is closed, the account may still be active when relaunched. Practices to address this issue would include using incognito mode when signing into other accounts, explicitly logging out when leaving the station, and enabling security policies that automatically clear the browser's cookies and cache when exiting the web browser.

These options cover just some of the issues related to computers at library service desks. While the specific procedures may vary, these computers should be managed in the best ways that ensure the capture of any needed statistics and to protect the security of patron, staff, and institutional data while optimizing their efficiency to best provide the services for the public for which they are intended.

View Citation
Publication Year:2020
Type of Material:Article
Language English
Published in: Smart Libraries Newsletter
Publication Info:Volume 40 Number 03
Issue:March 2020
Publisher:ALA TechSource
Series: Smart Libraries Q&A
Place of Publication:Chicago, IL
Record Number:25075
Last Update:2022-12-05 14:42:51
Date Created:2020-04-20 12:18:36