We’re pleased to announce that the next release of Prism is now available for preview, and the latest release of the Admin Console is now live.
This release includes:
- Summon search service integrated in Prism
- Show expiry date in My Account
- Account expiry date for online joiners fix
- E-resource links in records uploaded via Resource Management
- Resource Management control number characters fix
- Account lockout after 5 incorrect log in attempts to the Admin Console
- Mandatory password strength when changing Admin Console password
- Improved security in storage of passwords for the Admin Console
Summon search service integrated in Prism
Libraries that use the Summon resource discovery service can now offer their users the option to search Summon from within Prism. This is the second resource discovery service integration in Prism, following the integration of EBSCO DS.
The Summon search integration allows users to find and link to your subscribed journal articles and other e-resources. Facets allow search results to be refined, including scholarly article, peer reviewed, format, discipline, subject, publication date and more. The Admin Console Prism Facets area includes the Summon facet options, allowing you to show or hide them and to alter their display order. You can also use expert search qualifiers for more precision, such as title, author, subject and format.
You can view a demo of this integration on our demonstration tenancy.
To have Summon added as a search target in Prism you need a Connect for Summon licence. For more information please contact your Account Manager.
Show expiry date in My Account
When users view their account they will see the date their account expires, and they will be warned when it is due to expire within 60 days and when it has expired. The ‘Change PIN’ tab has been re-labeled as ‘Settings’ and it displays the account expiry date as well as the Change PIN form. When the account is due to expire within 60 days, or when it has expired, an alert is displayed directly below the account summary with an appropriate message including the expiry date.
In all cases there is also a ‘Learn more’ link to a new ‘Account Expiry’ page explaining why accounts expire, what it means, and what to do about it. You can customise this text by uploading a file account-expiry.html, containing the page content fragment, to your tenancy’s Theme in the Admin Console, and you can provide translations by uploading additional theme files with the appropriate language code in the filename, for example account-expiry.cy-gb.html.
Account expiry date for online joiners fix
The online joining form in Prism will now set the new borrower’s expiry date according to the rules configured in your LMS, pulling this form in line with Soprano and Alto.
E-resource links in records uploaded via Resource Management
Prism can display links to e-resources from two different data elements: one is hotlinks, which are obtained dynamically via the LDS, and the other is electronic location and access, stored in the Prism data and derived from MARC field 856. Some libraries suppress the display of the electronic location and access links because they tend to duplicate the hotlinks. However, records uploaded to Prism via Resource Management and those returned from other sources via API, such as EDS and Summon, do not have hotlinks.
With this release, when there is no hotlink, Prism generates a hotlink-style display from electronic location and access data derived from MARC field 856. This means that the optimal approach now is to suppress the display of electronic location and access links because all required links will display as hotlinks. For help in suppressing the display of electronic location and access links, please open a Support case.
Resource Management control number characters fix
Some records that have been uploaded to Prism via Resource Management are from suppliers whose control numbers include characters such as space, slash and plus. When selecting such records from Prism search results, the response has been ‘not found’.
Prism now replaces characters from MARC field 001 other than A-Z, a-z, 0-9 and underscore with an underscore, which fixes the problem.
To make this fix apply retrospectively you will need to re-load affected records – after this release has gone live. Suppress or delete Resource Management collections where the problem exists, and re-upload the records to a new collection.
Account lockout after 5 incorrect log in attempts to the Admin Console
To improve the safety and security of your Admin Console account, we have now instituted a password lockout policy, making an account unavailable for a short amount of time if an incorrect password is provided repeatedly.
After 5 incorrect attempts, an “are you human” verification is enacted, requiring you to tick a checkbox, and sometimes solve a CAPTCHA, to continue logging in. If you fail this verification 5 times, or verify successfully, but still use the wrong password, your account will be locked for a period of 10 minutes. This safeguard is to protect against people trying to guess, or brute-force, your account.
If you are having trouble accessing your account, or require the password changing because you have mislaid it, please open a support request and we’ll reset it manually for you.
As an added safeguard, we also strongly suggest enabling 2 factor authentication for your account, which can be set up from the ‘Account Settings’ panel. There are several freely available authentication applications available for all major mobile phone platforms, including Authy and Google Authenticator.
Mandatory password strength when changing Admin Console password
As a further safeguard for your account, we are now enforcing a mandatory “strong password” policy for all Admin Console accounts. This will take effect whenever you elect to change your password. Passwords should contain a mix of upper-case and lower-case characters, numbers, and preferably symbols (e.g. !”£$%^&*(){}[]:;@’~#.?/¬`). Additionally, runs of characters (e.g. qwertyuiop) will be flagged as being insecure, as will common dictionary words and known-weak passwords (e.g. password123 etc.).
To help you choose a strong password, we have added a password strength meter to the Change Password screen:
Password Strength
To successfully change your password, your new one will need to be at least ‘Good’, as indicated on the strength meter.
Improved security in storage of passwords for the Admin Console
As part of our continual internal code reviews, we’ve made the way we store passwords more secure. This change is transparent and happens behind-the-scenes the next time you login to the Admin Console. The new password storage scheme protects against “brute forcing” in the unlikely event that the scrambled version of your password was ever obtained. We’ve ensured the system is future-proof by choosing a system that allows us to increase the strength of the scheme as computers become more powerful.
Making the most of your preview
Please check the preview version as early as possible to familiarise with the new functionality and to ensure that your tenancy still behaves as expected in terms of both functionality, including extensions, and styling.
To preview this release, please precede your tenancy URL with ‘demo.’, like this: demo.capitadiscovery.co.uk/{your tenancy name}. If you have your own host name, you’ll need to use demo.capitadiscovery.co.uk instead.
Release to the live service
The release of Prism to the live service will be on Monday 13th April 2015.
Comments and contact
If you have any comments, questions or suggestions please get in touch. You can comment here on the Prism blog, on the Prism forum and Prism Ideas or contact your Account Manager or the Prism team directly.
Recent Comments