The website and all microsites are now back up. Our network security device had failed, which had blocked all traffic to the server. We have rectified the issue and are back up and running. I apologize for any issues this may have caused.
Currently ala.org and all microsites are down. We are working on the issue. Unfortunately no further information is available.
Yahoo and AOL have introduced a new technology called DMARC. Without going into the technical details, it completely breaks all internet mailing lists as we know it. We have instituted a work around in Sympa. All lists now have a subscriber called firstname.lastname@example.org. Do not, under any circumstances, delete this user. Without this user, mails sent to and from AOL and Yahoo members will be bounced. Any email sent from Yahoo or AOL is now being modified to so that it comes from Name@yahoo via <email@example.com>. The real sender is firstname.lastname@example.org not the original sender. This is by design in order to work around the problem. Going forward it is important to reply to the list, not to an individual sender. If you reply to an individual sender, the email will be sent to email@example.com and will be discarded. If you have already deleted this user, please add it back as a list member. The options should be set to reception:nomail and visibility:hidden.
If you are interested in the technological aspects of DMARC and want a more in depth analysis, PC world wrote a great article at http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html.
We plan on upgrading Sympa later this summer. The newest version has features to help work around the DMARC problem. However, it should be noted that this new technology fundamentally breaks mailing lists, and the work arounds are not a fix. They simply work around the issue. The problem is not exclusive to Sympa and extends to all known mailing list technologies available.
There is a mandatory Drupal security fix that is being applied this evening. There will be rolling outages from 7pm to 8pm CST. Each microsite will probably be down for no more than a few minutes. After the update is applied to that particular site, it will come back up and I will move on to the next one.
We’re excited to announce that you can now search the 800+ awards listed in the Financial Assistance for Library & Information Studies (FALIS) Directory in the Opportunities Exchange in ALA Connect.
The FALIS Directory is maintained by ALA’s Office for Human Resource Development and Recruitment (HRDR). All of the awards can now be searched by type (assistantship, fellowship, scholarship), library type (academic, public, school), education program level (Masters, Doctorate), state, keyword, and more. The Directory is also still available as a PDF.
This effort brings together in one place the more than 800+ FALIS awards with dozens of additional opportunities within the library profession for calls for proposal, equipment, freelance work, giveaways, grants, job exchanges, research surveys, volunteering, and more.
Originally started in 2010 as one of then-ALA President Jim Rettig’s initiatives, the Opportunities Exchange was conceived of as a craigslist for the library world. Anyone with an account on ALA Connect can add a new opportunity to the OppEx. Users can also save searches and request email alerts when new opportunities are added that match the interests listed in their Connect profiles.
See the Help section of the Opportunities Exchange for more information about this valuable resource and how you can add an opportunity to the database.
As we’ve done in past years when committee terms end during Annual, ITTS will be changing the end date on all committee terms ending on June 30, 2014, to July 13, 2014. The change will take place the night of June 30th, so anyone with an end date of 6/30/2014 in iMIS will automatically be changed to an end date of 7/13/2014. This will allow them to continue to access their Connect groups through Sunday, July 13.
The night of July 13, we’ll set the end dates back to June 30 so that they will be removed from the Connect rosters for Monday, July 14. Please let your committee members know that they need to finish their work in Connect before 7/14/2014 if their terms end on June 30.
Anyone with a start date of July 1 will be moved back to a start date of July 14.
When all is said and done after July 14, committee terms in iMIS will reflect their original dates, and rosters will be current to reflect the original start and end dates.
The ALA Information Technology & Telecommunication Services (ITTS) unit presented the ALA Strategic Technology Directions 2014-2017 to the ALA Executive Board in April 2014. It provides a good foundation to understand how technology is implemented to meet the goals of the organization and explains the role of ITTS within ALA.
The diagrams in the report attempt to show the complexity of the implemented technologies and how they are integrated with each other. For example, our conference registration companies retrieve iMIS (our Association Management System) data so that members won’t have to reenter their membership information again when registering for conferences. The ALA Technology Services diagram on page 2 shows all of the integrations between systems.
With only 8.5 employees, ITTS supports software and hardware for our 11 divisions, 20 round tables, 55,000 members, and 25 offices with approximately 240 staff.
On page 3 of the report, there is an infographic containing 2013 ITTS statistics. For example, we received 3,833 help desk requests in 2013. This is a conservative number because we aren’t able to log every call or hallway conversation. Help desk requests are usually individual problems, and as such they don’t represent large scale projects. We also maintain 300 databases, 100 virtual servers, and 40 physical servers, in addition to the services we manage that are provided/maintained by 27 different consultants. We had 25.5 million pageviews on our website, and 22% of our members use ALA Connect.
The following are some highlights of some of the major goals. The full vision is in the report.
iMIS Association Management System
We will upgrade our iMIS Membership Management System used to capture member and customer transactions for dues, committee rosters, small events/continuing education, subscriptions, and fund raising. The iMIS upgrade will allow us to offer more standard integration with our other systems, provide staff with mobile access, and provide a current and robust foundation for the new ecommerce system.
The new ecommerce implementation is scheduled to begin this summer and will provide much-needed new functionality. The new system will be more convenient for all users, allowing them to join, register, or donate without first creating an iMIS account. It will also let users purchase multiple items through a single shopping cart, view their past purchases, view recommendations, and use embedded customer service chat. ALA and its units will finally be able to offer promotional coupons and special offers and embed ecommerce widgets on non-ALA sites. Screens will be more customizable and the interface will be much more user-friendly.
Further improvements planned for FY14 include:
In FY15, we will be working on a responsive website theme for Connect that will become the foundation for mobile apps, as well as exploring the best way to implement digital badges for active participants. With Connect and ala.org profiles merging into a new resource as part of the new profile management system, we’ll be switching our focus from building a member matching feature in Connect to building a group matching one based on member profile interests. When the profile management project is complete, we’ll also be implementing Shibboleth so that logging in to Connect will automatically log you in to ala.org and vice-versa.
Looking to the future, a major focus for staff skills will be in some areas like storytelling, creating images, editing audio and video, and blending different media to create an engaging narrative. Looking across the Association, these skill set shifts are already becoming apparent. That shift into the new, social communications environment will necessarily continue.
The Technology Roadmap contains a list of projects scheduled for the next four years. It is a timeline that will change based on available resources.
Going forward, we’ll post updates on these projects on our blog and continue to show how our vision for technology is helping to improve ALA services. We hope that you’ll ask questions and provide feedback along the way.
Please see this article from The Wall Street Journal at http://online.wsj.com/news/articles/SB10001424052702304819004579489813056799076 for a description of the bug.
Check of ALA Onsite Services
We have checked all onsite services at ALA for this bug and found only one vulnerable service which was never exposed to the Internet. This server has been patched. This means no ALA member data or passwords have ever been at risk due to Heartbleed.
Check of Hosted Services
ALA hosted email (owa.ala.org), ALA Connect, and services on Dreamhost are not vulnerable.
Personal services that you use on the Internet:
http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/ has a pretty good list of affected sites and recommendations on when to change passwords.
Director, Information Technology & Telecommunication Services
After some discussion about ALA Connect on the ALA Council mailing list last month (here and here), I put together a report about Connect usage because just glancing at the site can leave the impression that it isn’t being used very much when in fact the numbers show the opposite. This PDF report is current as of January 16, 2014 (there’s also an accessible PDF version).
One thing in particular I want to note is that when someone posts something to a Connect group, the default setting is for it to be private so that only the group’s members can see it. This was done deliberately because many award juries, nominating committees, boards, and other groups that discuss confidential subjects needed to be sure their content was secure by default.
However, there’s a box on every piece of content that the author can check to make that post public so that anyone in the world can see it without even logging in to Connect. When someone views the Connect home page and isn’t logged in, they only see public content.
When someone is logged in and looks at the home page, they only see content from their groups. This person can’t see the content being posted privately to other groups, so looking at Connect groups you’re not a member of might not show anything new if nothing was explicitly made “public.” In fact, there might be quite a bit of activity going on but you just can’t see it. It’s the same as not being a member of an email list – as a non-member, you can’t see the posts to a private mailing list, but that doesn’t mean the subscribers aren’t using it.
That’s why I put this report together, to present a more general snapshot beyond just what an individual user can see by scanning the site. Look at the data and decide for yourself if people are using Connect or not and then please share your thoughts about how we can improve it to make it even better. We’ll be doing a survey later this spring to collect broad input, but jump in now if you have ideas.
Note that in the next few months, we’ll be implementing a Doodle-like module for scheduling meetings, adding 5,000 financial assistance grants/scholarships to the Opportunities Exchange, and implementing the new search engine that ala.org is using (Apache Solr). We’re also working on a way to email content in to a group so that you don’t have to visit the website to start a discussion.
In FY15, we’ll revamp MentorConnect, match users to groups they might want to join, and create a mobile app (for starters).
What else can we add or change to make Connect work well for you?
- Jenny Levine, ITTS (jlevine [at] ala.org)
We’ve updated our ALA Technology Roadmap June 2014 project list. This list represents:
This Roadmap currently projects out four years of work, but the timeframes are subject to change based on our decreased resources. Sherri Vanyek Director, Information Technology & Telecommunication Services (ITTS) American Library Association