Ensuring sensitive data stays protected is a high priority at Ohio University. Finding where sensitive data is hiding can prove challenging though. Spirion, formerly known as Identity Finder, is commercial software that searches for sensitive data such as social security numbers, credit/debit card numbers, and a variety of other data elements. It's a powerful tool that faculty and staff are encouraged to use to find sensitive data on their departmentally owned machines and storage locations.
Common Examples of Sensitive Data Locations
- Old class and grade rosters
- Locally stored email archives
- Research datasets
- Old salary information
- Exports from PeopleSoft, SIS, eBiz, etc.
- Shadow system data (e.g. local financial aid, admissions applications, etc.)
- Old backups and removable media
For more information regarding Spirion, along with how to use it, you can view the official Spirion User Guide.
How Spirion Works
After Spirion is installed on a University machine, it will automatically start a scan on the last Tuesday of each month to look for:
-Credit Card Information
-Bank Account Numbers
-Social Security Numbers
-Driver’s License Numbers
If Spirion detects sensitive information on a workstation, it will report findings to the Spirion administration server. An additional monthly process is then initiated to identify and report workstations with a high volume of unprotected matches. This report is delivered to the Information Security Office. After a host has been identified as having a high volume of unprotected matches, a designated liaison for the departmental area will be notified of the results. It is the responsibility of that liaison to work with the appropriate end user to remediate the findings.
Spirion is available to faculty and staff.
How to Request
To request Spirion for your computer(s), please contact the OIT Service Desk at email@example.com with the computers that need it installed. The Information Security Office can also run scans on computers and network storage locations by request.