We focus so heavily on the bigger issues surrounding technology in libraries that we sometimes overlook the importance of the little things that make our patrons' lives easier. To wit-every library that offers public computer access sooner or later faces the question: "Where can people keep their stuff?" From preteens working on school PowerPoint projects to job seekers modifying resumes, everyone just needs their own space.

Any library worker who has had to deal with floppy disks knows that they are a less-than-ideal storage solution. Enter USB (flash, jump, thumb) drives, whose low price and convenience make them a great replacement for older technology.

Although just allowing the use of USB drives seems so simple, libraries serving USB-wielding patrons must resolve a host of issues, ranging from accessibility to security. While it is possible to disable USB ports and disallow the use of these devices, this ill-serves patrons and is an overreaction to security concerns.

Here are some tips about how USB drives can be used safely on public PCs.

Accessibility

Many older PCs have their USB ports (if they have the ports at all) on the back of the machine, which causes problems for patrons. If your ports are inaccessible or hard to reach, you can think about adding an extender cable to bring a port around to the top of the desk. If all of your USB ports are already in use by other devices, you can think about adding small USB hubs for patron use. (You can purchase USB extender cables for less than $8 apiece; hubs sell for less than $15 apiece.)

If your machines lack USB ports, they probably also lack USB support. You may need to upgrade or replace them before you can support USB usage. But it's probably easier to just consider allowing USB drive usage in the future as you replace older machines.

Security

There are several specific security concerns you need to address.

1. Bypass booting from drives other than the hard disk in each public machine's basic input/output system (BIOS) settings. (You should already have done this if you have been allowing patrons to use floppy disks.) You don't want patrons to be able to plug in and boot off of their USB drives and bypass your system security settings.

Each machine differs, but you'll generally need to hit a key such as DEL, F1, or F2 during start-up to enter your PC's BIOS settings. Watch as your PC boots up; you will often see instructions across the bottom of the monitor. Tom's Hardware site has a handy discussion of various BIOS options and how to use them.

Once inside the BIOS, look for a Boot Sequence option. (This is often under Advanced Features, but it will differ for various BIOSs.) Make sure that your first boot device is set to "hard disk." Once you've made this change, also set a BIOS password so that users can't just reboot the machine and change your BIOS settings to bypass your security.

2. Disable AutoRun on all of your PCs. AutoRun is the handy Windows feature that automatically runs a file called autorun.inf when it's present on CD-ROMs or other media that you insert into your computer. Allowing a USB drive to automatically run programs can cause a problem, allowing users to collect passwords and other confidential data from machines or to load other malicious code without your knowledge.

While security software or settings on your public PCs may prevent patrons from running programs there, also be aware of the risk to staff PCs. If a patron, for example, forgets his or her USB drive and you plug it into your own machine to see if it contains information on who it belongs to, this can compromise your computer or network security. You may wish to disable AutoRun on staff machines as well or to be wary about plugging in foreign USB devices. (You can also hold down the Shift key each time you insert a USB drive to disable AutoRun temporarily, but this is more difficult to remember.)

To disable AutoRun, follow the stepby-step instructions for changing registry settings on various versions of Windows at Autorun Problems. (Be sure to always back up the Registry or set restore points in Windows XP before changing settings.) You can also use the freely downloadable TweakUI application to disable AutoRun on some Windows versions without resorting to manually editing the Registry.

Of course, make sure your antivirus and anti-spyware software are up-to-date.

3. Think about whether to allow portable applications to run from USB drives. Since higher-capacity USB drives are coming down in price and portable applications that can be stored on and used from these devices are proliferating, you'll also need to think about larger system security issues. One good option is to allow USB drive usage in conjunction with security software (such as Deep Freeze) that resets the computer to its original state on reboot. This offers a nice balance: It allows patrons to use their portable apps (such as Firefox and OpenOffice) while maintaining PC integrity.

Libraries that lack third-party security software like Deep Freeze may wish to limit the use of portable applications and merely to allow the use of USB drives as storage devices. You can also consider creating a "white list" of acceptable programs, but this can be hard to maintain as popular applications change.

Safely Removing the Hardware

If you are running third-party security software such as Fortres, patrons may complain that they lack access to the "safely remove hardware" icon in the system tray. While rare, removing a USB drive without first disabling it can result in a loss of data. You can add this option as an icon on your desktop by creating a shortcut:

1. Temporarily disable your security software.

2. Create a new desktop shortcut by rightclicking on the desktop and selecting New, then Shortcut.

3. You'll see a dialogue box asking for the location of the item to which you want to create a shortcut. Enter the following: %SystemRoot%\ System32\RUNDLL32.EXEshell32.dll, Control_RunDLL hotplug.dll.

4. Click Next; then name your shortcut. Pick something like "Safely Remove Flash Drive" that your users will understand easily.

5. Save your shortcut.

6. Give your shortcut an icon (optional). It probably displays as a plain white file icon, which you can change to something graphical. Right-click the new shortcut and choose Properties from the menu. Click on the Shortcut tab. Click the Change icon button and browse to where you've stored the icon you'd like to use. (You can download free icons online or draw your own!)

7. Check that your shortcut works by reenabling security and double-clicking. The "Safely Remove Hardware" window should open.

Alnisa Allgood, executive director of Nonprofit Tech in Madison, Wis., originally posted this handy workaround to the Web4Lib discussion list.

Publicity

Now that you're offering this useful service, how do you get people to take advantage of it? First, advertise its availability. Post a "Flash Drives Welcome" sign temporarily, make a note in your newsletter, post on your library's blog, and be sure that all public services staff members can suggest the USB drive alternative to people who are having problems with floppies or seeking alternative storage solutions.

Smaller USB drives are a great giveaway idea-think about the possibilities for National Library Card Signup Month or Summer Reading prizes. Some libraries also sell the devices to patrons. Prices are dropping and you can buy in bulk.

Be sure to provide instructions for patrons using their USB devices on public PCs. Include instructions on safely removing the hardware, on saving files to USB devices, and putting contact information on their drives in case they leave them in your PCs.

USB for You and Me

Now that we've covered the ins and cuts of allowing USB drives for library patrons, take a minute to think about their usefulness for library staff. Those who tend to bring work home will love the ease and convenience of having their own USB devices, and personal staff drives can be invaluable if your library lacks a network where employees can store files. Systems librarians can use USB drives to store diagnostic tools, drivers, and other useful files to help them repair or restore machines. Any librarians can transport personal files and projects without needing to use floppies or to e-mail files between work and home.

Staff members who are familiar with USB drives for personal use will also be better able to help patrons use these devices. The more familiar we are with the technology our patrons are using, the more prepared we are to meet their needs in the 21st century. Flash drives are one easy way to start, given their advantages for library users and library staff alike.