FOLIO Project Update – Week of June 24, 2019
Project Updates / 2 Jul 2019
Implementation planning, features, and security concerns this week’s project report.
The FOLIO Product Council discussed the new Market Viable Product document, developed at the DC FOLIO meeting last week. The Capacity Planning Group’s charge is slightly expanded to define which features can be developed by next year. Institutions planning on full implementation need to examine their needs and make strategic commitments this year in order to have successful 2020 implementations.
The FOLIO Technical Council reviewed the PubSub Service RFC. Final comments are due by July 3rd, and the TC will vote on accepting it at its next meeting.
The FOLIO Implementation Group started brainstorming what implementers would need to do, step by step, to use FOLIO. The brainstorming log can be found here. The brainstorming cards are open, and anyone may comment on them.
The Consortia SIG met on June 26th and recapped some items from the DC meeting. The SIG posted a wiki page covering “resource sharing,” which provides descriptions of different types, terms and definitions, etc. The SIG will continue to discuss the tier of resource sharing that is called “Cross-tenant unmediated,” including mapping out the user journey for this workflow. The SIG also published a Discuss post to gather information on how consortia handle notices, overdue fees/fines, and general attempts to get items back, found here.
Khalilah Gambrell provided an overview of the Notes feature to the Resource Access SIG. The SIG discussed its efficacy for RA and suggested changes to make it more useful. On June 27th, the SIG discussed the process and timing for anonymization for closed loans, as well as review and re-ranking of request related gaps.
Jo Drexl explained security issues of Okapi and FOLIO modules to the Sys Ops & Mgt SIG. Jo noted how the whole background communication is unencrypted, unless one sets up tunnels. The communication with the Postgres server is also unencrypted. Without superuser privileges, the database cannot be set up. This process should be accomplished in such a way that there is no need for superuser privileges. SysOps will treat these security concerns with high priority and will meet again on July 12th to start creating JIRA tickets for these issues.