I recently wrote a blog post about password security in library subscribed databases based on an RFP by a state agencecy subject to public disclosure laws. The results were very revealing, but it covered only a small set of vendors. http://go-to-hellman.blogspot.com/2015/02/passwords-are-stored-in-plain-text.html <http://go-to-hellman.blogspot.com/2015/02/passwords-are-stored-in-plain-text.html>
I would be very interested to learn of RFPs for library automation software, ebook delivery platforms, etc. subject to similar public disclosure rules that asked questions relevant to privacy and security in libraries. Contact me on or off list. Eric Eric Hellman President, Gluejar.Inc. Founder, Unglue.it https://unglue.it/ http://go-to-hellman.blogspot.com/ twitter: @gluejar
