Remediating Sensitive Data using Spirion

Your computer is scanned on a regular basis using parameters set on the MIT IS&T Spirion Console.

The standard schedule for Spirion to scan your computer is Wednesdays @ 11am (unless otherwise designated by your department.)

You are required to remediate any sensitive data found on your computer. (e.g. Social Security, Bank, ATM/Debit, Credit Card, Driver’s License or State issued ID Numbers)

Recommended Actions

  • SECURE any documents found with Sensitive Data in them only if you have written authorization from your Supervisor or Department Head to retain documents with sensitive information. (SECURE only works with some type of files, such as MS Office documents, compressed files, Adobe PDF files, some text files.), otherwise…
  • SHRED any documents (e.g. Word, Excel, PowerPoint, PDF’s, etc.) found with sensitive data. (See the section below “Actions You Should Never Take” regarding EMAIL).
  • Use the Spirion IGNORE option for matches that are “false positives”. (A match noting an MIT Account Number is not considered sensitive information, therefore it would be considered a “false positive”.  Student ID Numbers are not considered sensitive data either.) Doing this will remove these items from display the next time your computer is searched.

Not Recommended

  • SCRUB is NOT recommended, as we have found instances where SCRUB has not changed all instances of sensitive data to XXX-XX-XXXX. Where X’s are used to replace sensitive data.
  • QUARANTINE is NOT recommended.  Quarantine still retains sensitive information on your computer.  You may not retain sensitive information on your computer without written authorization from your Supervisor or Department Head.

Actions You Should Never Take!

  • NEVER select ALL found matches and choose a global action such as SECURE or SHRED. (You may shred a false positive in a system file.  This could disable your computer.)  Please carefully review each match and the type of document it is before deciding which action to take.  This can be tedious when first using Spirion, but will become more manageable over time as you make distinctions between the matches you SHRED, SECURE or IGNORE.
  • EMAIL – NEVER attempt to SHRED, SECURE or SCRUB a match discovered in an email message. You MUST locate and delete the message from within your mail program.  Unless the email is deleted from within your mail client and you empty your mail trash, the message may not be deleted from the server. In this case the server will continue to re-download the message to your mail program and it will continue to show up in your Spirion scans.

Mac Users: NEVER attempt to SHRED, SECURE or SCRUB a match discovered in your iCal Calendar Cache. Your calendar will become disabled and will need to be set up again.  Locate the calendar event in iCal and EDIT the event to remove any sensitive data found there.