SSN Rescan and Purge Redux Pat Burns, VPIT January 29, 2008

Page 1: SSN Rescan and Purge Redux

SSN Rescan and Purge Redux

Pat Burns, VPIT

January 29, 2008

Page 2: SSN Rescan and Purge Redux

Jan. 24, 2008 SSN Scan Redux 2

Status

Initial exercise was successful at removing thousands of files with millions of SSN’s and CCN’s, and substantially reduced the risk to our constituents of identity theft

However, the process was far from perfect: it relied on attestations from individual users and lacked “checks and balances”

Recent events indicate that we may still have tens of thousands of SSN’s on CSU systems

Page 3: SSN Rescan and Purge Redux

We Need to “Fix” this Problem

Provost/SVP directive, at the recommendation of the VPIT

Rescan and purge, using a new process with checks and balances, that reasonably assures removal of virtually all SSN’s on our systems

Invasive/intrusive process is approved, but only for the purposes of identifying sensitive data that need to be purged

The ‘default’ is to err on the side of protection, i.e. removal

Refresh “scan and purge” periodically, at least once per annum

Page 4: SSN Rescan and Purge Redux

New Process

System administrators will be responsible for

Rescans of systems now using new, improved spider tool

Getting lists of target files to their users for their inspection/action

Determining that files with SSN’s, CCN’s and other sensitive information have been removed

Rescan by February 22, 2008

Verify that files with sensitive information have been removed

Default is to remove files to off-line storage

Reporting to the VPIT that the new process has been completed satisfactorily

Page 5: SSN Rescan and Purge Redux

Other

Steve Lovaas will work with IT staff on spider implementations

Multi-user servers are the primary target at this time

Extend to individual systems, based upon judgment

Begin immediately

Deadline for sysadmins reporting back to the VPIT is Feb. 29

Page 6: SSN Rescan and Purge Redux

Reporting Format

For all web and multi-user file servers

Report numbers of files

“Before” – found initially on the next scan

“After” – after users have remedied

“Final” – after sysadmin actions

Discussion, if “final” number is not 0