Ex Libris is committed to providing our customers with secure and reliable cloud-based services. Our multi-tier security model, based on international standards and protocols and accepted industry practices, is constantly monitored and tested to maintain a strong level of security. It is designed to provide Ex Libris users with peace of mind regarding the security, privacy, confidentiality, integrity, and availability of their data.
As part of the company’s focus and commitment to security, Ex Libris employs a Chief Information Security Officer, a Privacy and Regulation Officer, and a dedicated security team.
Our Data Centers: Designed for reliability, security, and data protection
Our state-of-the-art data centers include the highest level of round-the-clock physical security, including biometrics, intrusion detection systems, and interior and exterior surveillance 24×7, year-round.
In addition, access is limited to authorized data center personnel only. No one can access our data center facilities without advanced clearance and accompaniment by an authorized employee.
Ex Libris data centers include physical and environmental security controls that eliminate the effect of single points of failure and ensure the resilience of the computing center.
Ex Libris maintains data centers around the world:
- United States
- The Netherlands
Ex Libris implements a top-down approach to verifying security controls, including maintaining strict policies and procedures. We provide full transparency of our security policies and publish them online, demonstrating our commitment to security and allowing you to understand exactly how we secure our services.
Security is a top priority at Ex Libris. We continually seek to identify and eliminate vulnerabilities that may compromise the security of our products.
If a new vulnerability is identified, advisories are communicated immediately to our customers to provide them with information related to the vulnerabilities that have been identified. The advisories include actions taken by Ex Libris Cloud Services to address the vulnerability and recommendations for on-premise installations, including security patches that are applicable to the affected services.
Incident Response Policy
Security threats can arise from multiple sources and may result from accidental, intentional, or malicious acts. Ex Libris works to detect, respond to, report, and learn from security incidents.
As part of the Ex Libris security incident response policy, we commit to take prompt action to investigate any incident, mitigate any harm stemming from the incident, and take action to prevent any similar incidents from occurring again.
Report a Security Concern
Ex Libris employs a Chief Information Security Officer (CISO) who is the contact person for security issues and a Privacy and Regulation Officer for privacy and regulation issues. A dedicated security team works alongside the Cloud Services team and investigates all reports of security vulnerabilities affecting Ex Libris products and services. If you have a security concern, please contact us.
For any security-related questions or issues, open a support CRM case >
or contact the Ex Libris Security Officer at SecurityOfficer@exlibrisgroup.com
Ex Libris continuously monitors through multi-tiered security audits that include security checks, security reviews, application and infrastructure security vulnerability assessment scans, third-party patching, and scans of network vulnerabilities.
Ex Libris relies on external cybersecurity consultants to stay abreast of emerging infrastructure vulnerabilities worldwide. Ex Libris also engages an independent security company that periodically performs a security penetration test based on the OWASP Top 10 and SANS 25 best practices.