All Collections
Extension User FAQs
Security and Privacy
Security FAQ with Lean Library extension
Security FAQ with Lean Library extension

This article will answer some of the frequently asked questions regarding secruity

Clare Chan avatar
Written by Clare Chan
Updated over a week ago

At Lean Library, we put honesty and transparency at the heart of everything we do.

Here is some information regarding the security of our extension:

  • We do not store credentials or personally identifiable information for users. Data that is captured is immediately anonymised and aggregated for usage reporting only

  • All authentication is provided either by the clients SSO service (e.g. OpenAthens, Shibboleth) or Proxy client (e.g. EZProxy). No data for this is sent between the extension and server

  • We use HTTPS for all requests ensuring that they use TLS 1.2 as a minimum

  • All systems stored in the Cloud, implementing recommended best practices

  • Databases (of main concern user logins for librarians) are locked down with strict access only as needed

  • No production data is used in test or development environments

We hope this information will assure you of our determination in providing a highly secured experience to both the librarians and the patrons.

If you are interested to hear more, please visit this Privacy FAQs article to understand how the extension works and the related privacy questions.

Did this answer your question?