Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSN Rescan and Purge Redux Pat Burns, VPIT January 29, 2008.

Published byOscar Harrell Modified over 9 years ago

Similar presentations

Presentation on theme: "SSN Rescan and Purge Redux Pat Burns, VPIT January 29, 2008."— Presentation transcript:

1 SSN Rescan and Purge Redux Pat Burns, VPIT January 29, 2008

2 Jan. 24, 2008 SSN Scan Redux 2 Status Initial exercise was successful at removing thousands of files with millions of SSN’s and CCN’s, and substantially reduced the risk to our constituents of identity theft However, the process was far from perfect, it relied on attestations from individual users, and lacked “checks and balances” Recent events indicate that we may still have tens of thousands of SSN’s on CSU systems

3 Jan. 24, 2008 SSN Scan Redux 3 We Need to “Fix” this Problem Provost/SVP directive, at the recommendation of the VPIT Rescan and purge, using a new process with checks and balances, that reasonably assures removal of virtually all SSN’s on our systems  Invasive/intrusive process is approved, but only for the purposes of identifying sensitive data that need to be purged  The ‘default’ is to err on the side of protection, i.e. removal Refresh “scan and purge” periodically, at least once per annum

4 Jan. 24, 2008 SSN Scan Redux 4 New Process System administrators will be responsible for  Rescans of systems now using new, improved spider tool  Getting lists of target files to their users for their inspection/action  Determining that files with SSN’s, CCN’s and other sensitive information have been removed Rescan by February 22, 2008 Verify that files with sensitive information have been removed Default is to remove files to off-line storage  Reporting to the VPIT that the new process has been completed satisfactorily

5 Jan. 24, 2008 SSN Scan Redux 5 Other Steve Lovaas will work with IT staff on spider implementations Multi-user servers are the primary target at this time  Extend to individual systems, based upon judgment Begin immediately Deadline for sysadmins reporting back to the VPIT is Feb. 29

6 Jan. 24, 2008 SSN Scan Redux 6 Reporting Format For all web and multi-user file servers Report numbers of files  “Before” – found initially on the next scan  “After” - after users have remedied  “Final” – after sysadmin actions Discussion, if “final” number is not 0

Download ppt "SSN Rescan and Purge Redux Pat Burns, VPIT January 29, 2008."

Similar presentations

Tasks in Setting Up a Hard Disk

Tasks in Setting Up a Hard Disk
CLEARSPACE Digital Document Archiving system INTRODUCTION Digital Document Archiving is the process of capturing paper documents through scanning and.

CLEARSPACE Digital Document Archiving system INTRODUCTION Digital Document Archiving is the process of capturing paper documents through scanning and.
Evolution of Data Use and Stewardship Recent University-wide Data Stewardship Enhancements Integrated System Data Stewardship Shirley C. Payne, CISSP,

Evolution of Data Use and Stewardship Recent University-wide Data Stewardship Enhancements Integrated System Data Stewardship Shirley C. Payne, CISSP,
Sensitive Information Sweep

Sensitive Information Sweep
Prime’ Senior Project. Presentation Outline What is Our Project? Problem Definition What does our system do? How does the system work? Implementation.

Prime’ Senior Project. Presentation Outline What is Our Project? Problem Definition What does our system do? How does the system work? Implementation.
Campus Meeting on CSUID Implementation – SSN Purge Pat Burns and Steve Lovaas ACNS July 28, 2006.

Campus Meeting on CSUID Implementation – SSN Purge Pat Burns and Steve Lovaas ACNS July 28, 2006.
Information Security Awareness April 13, 2003. Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.

Information Security Awareness April 13, Motivation Recent federal and state regulations and guidance Recent federal and state regulations and guidance.
COLLECTIVE BARGAINING REPORTING Gateway User Guide Data Entry and Submission January 2014.

COLLECTIVE BARGAINING REPORTING Gateway User Guide Data Entry and Submission January 2014.
Shared File Service VM Forum January, 2012. SFS Topics Targeted Usage Security Accessing CIFS Shares Availability & Protection Monitoring Pricing.

Shared File Service VM Forum January, SFS Topics Targeted Usage Security Accessing CIFS Shares Availability & Protection Monitoring Pricing.
Summer 200811 IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.

Summer IAVA1 NATIONAL INFORMATION ASSURANCE TRAINING STANDARD FOR SYSTEM ADMINISTRATORS (SA) Minimum.
I NDULGENC E There is no need for oversight or management direction. All staff members are superstars and act in the best interest of the company.

I NDULGENC E There is no need for oversight or management direction. All staff members are superstars and act in the best interest of the company.
Security Issues Steve Lovaas, ACNS IAC, 22 April 2008 Colorado State University1.

Security Issues Steve Lovaas, ACNS IAC, 22 April 2008 Colorado State University1.
Deploying Tools for Cleaning Personal Information University of Pennsylvania School of Arts and Sciences Justin C. Klein Keane Sr. Information Security.

Deploying Tools for Cleaning Personal Information University of Pennsylvania School of Arts and Sciences Justin C. Klein Keane Sr. Information Security.
LMS Gap Analysis 6/15/2011 Department of Personnel.

LMS Gap Analysis 6/15/2011 Department of Personnel.
Using Cornell’s Spider to scan for sensitive information January 27, 2009 Steve Lovaas, ACNS Colorado State University.

Using Cornell’s Spider to scan for sensitive information January 27, 2009 Steve Lovaas, ACNS Colorado State University.
SERVER Betül ŞAHİN - 21001525. What is this? Betül ŞAHİN - 21001525.

SERVER Betül ŞAHİN What is this? Betül ŞAHİN
Virtual Memory Tuning   You can improve a server’s performance by optimizing the way the paging file is used   You may want to size the paging file.

Virtual Memory Tuning   You can improve a server’s performance by optimizing the way the paging file is used   You may want to size the paging file.
Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.

Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.
MAIRIS Training sessions will be offered on the following dates and times: Thursday, February 20 th, 9:00 a.m. Tuesday, March 11 th, 2:00 p.m. Monday,

MAIRIS Training sessions will be offered on the following dates and times: Thursday, February 20 th, 9:00 a.m. Tuesday, March 11 th, 2:00 p.m. Monday,
Obtaining a User Account Example Email Logging Into the CIP Website.

Obtaining a User Account Example Logging Into the CIP Website.

Similar presentations

Ads by Google