Spirion (formerly know as 'Identity Finder') is a program that will scan your computer for protected information such as social security numbers, drivers license, credit card numbers, and more. By default, Spirion only scans for social security numbers and driver's licenses.
A scan of all campus computer equipment is required to adhere to the policies and guidelines set forth by the CSU. Spirion will automatically scan your computer every other Friday and present you with the results.
This webpage will serve as your guide for running the scan and processing the results.
Click Start, choose Programs, click the Identity Finder folder, and click on Identity Finder.
The Search Wizard is a quick way to begin using Identity Finder. You can immediately start the search with the current settings by clicking the Start Search Now button.
Running a search on any system for the first time can take several hours. You can continue to work while Identity Finder searches your computer, but it may slow your computer’s performance. You may prefer to begin the scan at the end of the day and allow it run overnight. Your screen should be locked (Windows Key+L) while the scan is running and while you are away from your computer.
Identity finder will create a report that displays every file containing confidential identity information. The Status Window, shown below, will display the current progress of the scan.
When the scan is finished the screen below will show.
From the Search Summary screen shown above, click Advanced and following window will open.
The section marked A is the Results Pane. This will list all of the items that contain protected information found by Identity Finder.
The section marked B is the Preview Pane, where you can preview any documents containing protected information by clicking on the document in the results pane.
Section C is the Properties Pane, which provides information about the file that you have selected in the Results Pane. For our purposes, the most important items in this area are the filepath and type of file.
When reviewing these results you should be looking for:
Not every result returned by Identity Finder is going to be protected data. For example, on our campus student ID numbers are 9 digits long and can often be mistaken by Identity Finder as Social Security Numbers. Therefore it is necessary for an individual to review each result of the Identity Finder scan.
Shredding a file removes it completely from your computer. This cannot be undone, so shred carefully!
Shredding a file containing protected information is the appropriate action to take when you no longer need the file or the protected information it contains.
To Shred a file, select the file in the Results Pane and click Shred in the Main ribbon.
Scrubbing a file removes the protected information from the file, but otherwise leaves the file intact on your computer.
Scrubbing a file containing protected information is the appropriate action when you no longer need the personal information but need to keep the file.
To Scrub a file, select the file in the Results Pane and click Scrub in the Main ribbon.
Note: Scrubbing is not available for Email, PDF, or file types other than Word, Excel, and text files.
Secure password protects the file with a password chosen by you.
Secure should only be used as a last resort for files that contain protected information that you have a business need to retain.
To Secure a file, select the file in the Results Pane and click Secure in the Main ribbon.
When you click Secure, you will be prompted to enter a password to secure the file.
WARNING! If the password used to secure a given file is lost, this file cannot be recovered! You may write down any file passwords and the associated file name and deliver this list to the Information Security Team for safe keeping. Again, if a file's password is lost, the file is NOT recoverable.
Ignoring a file leaves the file and any protected information it may contain on your computer, and marks it to be ignored on subsequent searches. When Identity Finder identifies a ‘false positive’, you should utilize the Ignore feature. Ignore should not be used for any other purpose that false positives. If you still need access to any files containing protected information and you cannot either shred or scrub it, the file must be secured.
If no results are found by Identity Finder this is a good thing. However, this does not guarantee that your computer does not contain protected data. It simply means that the patterns used by Identity Finder to search your computer did not find any results. You still have a responsibility to safeguard any protected data you may handle or create during the course of your job duties.