PII and Identity Finder

  • Personally Identifiable Information (PII) Scanning Procedure

    IUP’s Acceptable Use of Information Technology Resources Policy was recently enhanced and extended by the University Senate to help the university better protect against unintended loss of Personally Identifiable Information (PII). This includes only a few select items, such as Social Security numbers, credit card numbers, bank account numbers, and passport numbers.

    Enacting this policy will soon begin by using Spirion’s Identity Finder software to locate PII and to then better secure files containing PII in a manner that limits disruption to the university community.

    Phase I (One-Time Pre-2012 Quarantine Scan)

    As a first step in what will be a long-term effort, this software will be used to identify “old files” on shared network drives that contain PII. Only files that have not been modified since 2011 or earlier will be scanned. No individual drives (such as the H: drive) will be evaluated at this time.

    Department and office contacts will receive notification that contains relevant information about this Phase I process. It will also explain how to get questions answered related to the process.

    Phase I Steps

    The Phase I scanning process will be comprised of the following steps:

    1. In advance of the scheduled scan, an ihelp ticket will be created and emailed to the office/department contact you. This ticket will be used to answer any questions related to the scan, to schedule the scan date, and to track all information related to the scan.

    2. A technician will contact the office/department contact by telephone a few days prior to the scheduled scan to review the process and to address any remaining questions you may have about the scan.

    3. The scan will be conducted on the scheduled date. Again, only shared office O: and project drives (not H: or C: drives) will be scanned, and only files that were last modified before 2012 and flagged as containing PII will be removed and quarantined.

    4. A copy of the scan report generated by the Identity Finder software will be added to the ihelp ticket for review.

    5. When a file is removed and placed on the quarantine drive in IT Services, the Identity Finder software will create a plain text file with the same name in place of the original file. The text file will contain instructions on recovering the original file and determining a proper method for storage of the sensitive file contents.

    Phase I Schedule

    • Notification to all administrative office contacts regarding automated quarantine-mode scan on files with modification date 12/31/2011 and older.

    • Automated quarantine-mode scan of administrative shared storage (O: drives) on files with modification date 12/31/2011 and older.

    • Notification to all academic department chairs regarding automated quarantine-mode scan on files with modification date 12/31/2011 and older.

    • Automated quarantine-mode scan of academic shared storage (O: drives) on files with modification date 12/31/2011 and older.

    Phase II (On-Going Process)

    • Notification to all employees to optionally perform a self-directed scan of local (C/D), personal (H), or shared storage (O) drives.
    • Notification to all department/office contacts regarding automated report-mode scan of shared storage (O: drives).

    • Automated report-mode scan of shared storage (O: drives).

    • Notification to all department/office contacts regarding automated quarantine-mode scan of shared storage (O: drives).

    • Automated quarantine-mode scan of shared storage (O: drives).

    • Employees submit ihelp tickets to retrieve a file from quarantine and review possible methods for proper storage of the sensitive file contents.

    How will PII be identified?

    A current software tool that can be used to locate and assist in the proper handling of PII across university machines is Spirion’s Identity Finder. The Identity Finder software runs like a virus scanner for file systems and can be configured by an end user to locate specific types of PII. After running a search on a specified set of directory paths, the Identity Finder software creates a report that describes PII located during the scan. The Identity Finder report presents options to assist the user in handling the PII found that include: shred, redact, encrypt, quarantine, and ignore. The software can be automatically scheduled, and can be integrated with email clients.