department menu

Identity Finder Guide

Welcome to the Spirion Training Guide

Spirion (formerly know as 'Identity Finder') is a program that will scan your computer for protected information such as social security numbers, drivers license, credit card numbers, and more.  By default, Spirion only scans for social security numbers and driver's licenses.

A scan of all campus computer equipment is required to adhere to the policies and guidelines set forth by the CSU.  Spirion will automatically scan your computer every other Friday and present you with the results.

This webpage will serve as your guide for running the scan and processing the results.

Launching Spirion for the First Time

Click Start, type "spirion" and press enter on your keyboard:

start-menu.png

 

Creating a Profile

When you first launch Spirion, it will ask you to create a profile password.  This password should be unique from your campus and other passwords.  Your Spirion profile is used to store items you have ignored in previous searches, and save any settings you have selected within your Spirion install.  These settings and your profile password are local to your computer's Spirion install.

new-profile.png

Starting the Search

profile-sign-in.png

The Search Wizard is a quick way to begin using Spirion.  You can immediately start the search with the current settings by clicking the Start Search Now button.

search-wizard.png

You can also start a Spirion search by clicking on the Start button in the top right of the Spirion window after you have logged in to your Spirion profile:

spirion-start.png

Running a search on any system for the first time can take several hours.  You can continue to work while Spirion searches your computer, but it may slow your computer’s performance.  You may prefer to begin the scan at the end of the day and allow it run overnight. Your screen should be locked (Windows Key+L) while the scan is running and while you are away from your computer.

Spirion will create a report that displays every file containing confidential identity information.  The Status Window, shown below, will display the current progress of the scan.

status-window.png

If you minimize Spirion, the search will continue running.  When Spirion is running a search, the Spirion icon can be seen in the notifications area of your task bar:

taskbar notification

When the scan is finished the screen below will show.

search-summary.png

Reviewing Your Scan Results

From the Search Summary screen shown above, click Advanced and following window will open.

results-pane.png

The section marked A is the Results Pane.  This will list all of the items that contain protected information found by Spirion.

The section marked B is the Preview Pane, where you can preview any documents containing protected information by clicking on the document in the results pane.

Section C is the Properties Pane, which provides information about the file that you have selected in the Results Pane.  For our purposes, the most important items in this area are the filepath and type of file.

When reviewing these results you should be looking for:

  • Social Security Numbers
  • Credit Card Numbers
  • Driver's License Numbers

False Positives

Not every result returned by Spirion is going to be protected data.  For example, on our campus student ID numbers are 9 digits long and can often be mistaken by Spirion as Social Security Numbers. Therefore it is necessary for an individual to review each result of the Spirion scan.

Working with Your Results

For each result:

  1. Determine if the record flagged is a false positive or legitimately protected data (review the Data Classification Standard for examples of protected data)
  2. For records that are NOT false positives, determine if there is a business need for you to retain this data
  3. If there is a business need for you to retain the data, you must secure the file using Azure Information Protection or the Spirion "Secure" feature (WARNING - Files protected with Secure require a password.  If you lose this password, the file is unrecoverable, so it is highly recommended that you use Azure Information Protection instead.)
  4. If there is not a business need to retain the protected information, you can either delete the file entirely, or use the Spirion "Scrub" feature to remove the protected data.  Please note that the Scrub feature only works on editable documents, and only on the newest versions of Office files (.docx, .xlsx, etc.). 
  5. If the record flagged is a false positive, use the Spirion "Ignore" feature to add the item to the ignore list so that it is not flagged on subsequent scans.

Spirion Actions

  • Shred: deletes the file containing protected information from your computer
  • Redact: will redact the protected information from the file, but leaves the file on your computer
  • Encrypt: password protects the file*
  • Ignore: adds the item to a list of findings to ignore on subsequent searches

 spirion-actions.png

*Encrypting files using Spirion is not recommended.  See below for more details.

Shred

Shredding a file removes it completely from your computer.  This cannot be undone, so shred carefully!

Shredding a file containing protected information is the appropriate action to take when you no longer need the file or the protected information it contains.

To Shred a file, select the file in the Results Pane and click Shred in the Main ribbon.

Redact

Redact removes the protected information from the file, but otherwise leaves the file intact on your computer.

Redacting protected information is the appropriate action when you no longer need the personal information but need to keep the file.

To Redact the information from a file, select the file in the Results Pane and click Redact in the Main ribbon.

Note: Redact is only available for the newest format Word, Excel, and text files.

Encrypt & Azure Information Protection

Encrypt

The Encrypt function password protects the file with a password chosen by you.

Encrypt should only be used as a last resort for files that contain protected information that you have a business need to retain.

To Encrypt a file, select the file in the Results Pane and click Encrypt in the Main ribbon.

When you click Encrypt, you will be prompted to enter a password to secure the file.

WARNING! If the password used to encrypt a file is lost, this file cannot be recovered!  You may write down any file passwords and the associated file name and deliver this list to the Information Security Team for safe keeping.  Again, if a file's password is lost, the file is NOT recoverable.

Azure Information Protection

Azure Information Protection is a file encryption solution provided by the campus. This solution

To protect a file using Azure Information Protection, right-click on the file in the Spirion results window and select "Open File Location":

open-file.png

In the File Explorer window that opens, right-click on the file you want to protect and select "Classify and Protect". 

Check the "Protect with custom permissions" checkbox, and if you do not need to share this file with anyone else, click "Apply".

More detailed instructions on Azure Information Protection can be found on the Azure Information Protection webpage.

Ignore

Ignoring a file leaves the file and any protected information it may contain on your computer, and marks it to be ignored on subsequent searches. When Spirion identifies a ‘false positive’, you should utilize the Ignore feature.  Ignore should not be used for any other purpose that false positives.  If you still need access to any files containing protected information and you cannot either shred or scrub it, the file must be secured.

You can Ignore either the file location, or the individual match identified by Spirion.  Only choose "file location" if the contains a single identity match, otherwise you may ignore legitimate matches

No Results

If no results are found by Spirion this is a good thing.  However, this does not guarantee that your computer does not contain protected data. It simply means that the patterns used by Spirion to search your computer did not find any results. You still have a responsibility to safeguard any protected data you may handle or create during the course of your job duties.