Find sensitive data before the bad folks do!

Spirion (formerly known as UNH Identity Finder or IDF) is an application offered by Information Security Services (ISS) to UNH faculty and UNH/USNH staff.  Spirion scans your computer, file-shares and emails for unsecured sensitive information such as Social Security Numbers, passport numbers, credit card numbers and passwords. This is sensitive data which should not be stored on desktop or laptop computers but only on approved servers and applications.  Spirion helps you locate this data on your workstation and take appropriate action to remove or protect sensitive data which may be on your computer.  Attackers look for sensitive information to steal money or identities, and the best defense is not to have that information on your computer in the first place.

While you may think that you could not possibly have such information on your computer, use of Spirion at UNH has revealed numerous cases where departments and individuals have retained old student files including their SSNs which were used as the student ID up to 2006.  In most cases, not only were the UNH employees unaware that the data was on their computer, but the data was old and no longer required to conduct the University’s business creating an unnecessary risk.  A security breach of sensitive data often results in significant unplanned costs – over $15,000 in a recent incident - to the department responsible for the breach.  Regular use of Spirion can help avoid both potential harm to affected individuals and the University’s reputation as well as financial impact to your department.

Spirion’s “Results Wizard” feature is especially helpful if you don't have a lot of experience working with this type of program. It displays the findings of scans to you and guides you through the process of addressing each individual issue to ensure the security of your information.  Spirion can also be customized to find other sensitive data that your department may handle including bank account or driver’s license numbers for example.

Spirion offers you several different options for remedying each situation it finds.  Once the program has identified sensitive information on your computer, you can decide how you'd like to take care of it.  For instance, you can just send it to the “Recycling Bin”, which is a good choice if you're not sure you want to permanently delete it yet.  Alternately, if you know you do want to eliminate the information permanently, you can use the “Shredder” feature, which makes it completely unrecoverable.  If the sensitive data must be retained, UNH offers appropriate storage solutions including Box@UNH so that you can transfer the information before removing it from the computer.

Spirion takes just minutes to download, install and run.  Licensing is limited, so for instructions and access to the installer please open a ticket with the IT Service Desk at 2-4242 or use the webform at https://td.unh.edu/TDClient/Requests/ServiceDet?ID=167 .   If you have other questions, need assistance either to install or deal with findings, you can get help from your departmental IT Support or contact UNH ISS by email at info.sec@unh.edu.

Don’t wait… the attackers are always busy looking for information to steal!

Custom Fields
  • Department: Information Security Services
Attached Files
There are no attachments for this article.
Related Articles RSS Feed
Recommended tools for SFTP/FTP
Viewed 340 times since Mon, Sep 10, 2018
Tips for Keeping Your Devices Secure
Viewed 835 times since Fri, Aug 4, 2017
ESI: Electronically Stored Information Procedures
Viewed 2038 times since Wed, Apr 29, 2015
How to Determine if Your Windows Device is Automatically Updating
Viewed 721 times since Thu, Nov 2, 2017
Microsoft Security Essentials and Windows Defender Installation
Viewed 44436 times since Wed, Aug 12, 2015
Using Facebook, Google or other Social Login Services
Viewed 1102 times since Fri, Aug 26, 2016
Password Managers 101
Viewed 921 times since Mon, Oct 16, 2017
Tips to Avoid Malware
Viewed 1354 times since Thu, May 7, 2015
FAQs- System Center 2012 Endpoint Protection, Microsoft Security Essentials, and Windows Defender
Viewed 5301 times since Wed, Aug 12, 2015
What’s the Deal with Publicly Posted Credentials?
Viewed 887 times since Thu, Jun 29, 2017
MENU