Spirion (formerly Identity Finder)

Spirion

Auburn University is committed to avoiding unintentional disclosure of protected information such as Social Security numbers, credit card numbers, and Protected Health Information (PHI) as has recently happened at Auburn and many of our peer institutions. While Auburn has taken a number of steps to prevent this kind of disclosure, offices are still contacted from time to time with potential breaches, and often no one even expected the data was being stored on the system involved!

Auburn has chosen Spirion to enable University employees to comply with the University mandatesĀ of protecting Prohibited and Restricted data from unwanted disclosure. The goal of deploying Spirion is for Auburn to be the first to find this risky data and to be sure it is properly protected so Auburn can avoid any negative reputational consequences because of a breach of protected data.

Spirion scans your files for personally identifiable information (PII) such as social security numbers and credit card numbers, and provides you or your IT support team with a report that allows you to delete PII that is unneeded.

Questions

If you have any questions regarding Spirion, please contact your IT Provider or :

Jay James
ijj0001@auburn.edu
(334) 844-9348

User Guides

Frequently Asked Questions

  • Who should use Spirion?
    Local users and/or IT administrators (depending on each department’s procedures) can execute Spirion scans. Contact IT administrator from your department for more information.
  • Where do I obtain a copy of Spirion?
    Check with your IT Administrator as Spirion may already be installed on your University-owned computer.
  • What should be Scanned?
    Any desktop, laptop, or other unsecured location on the network should be scanned regularly.
  • How often should devices be scanned?
    It is recommended for all device scans to be updated every 30 days.
  • What should I do after scanning?
    It is recommended to follow the Auburn University Spirion Data Decision Workflow (graphical/non-accessible).

    Data Decision Workflow

    Start Scan and begin to evaluate the results. > Is this result a False Positive?

    • If "false positive" is yes, click ignore > Have you reached the end of the result list?
      • If "end of results" is yes, scan is complete
      • If "end of results" is no, continue through scan
    • If "false positive" is no, Is this a file you need to keep?
      • If "need to keep" is no, shred/delete the file. > Have you reached the end of the result list?
        • If "end of results" is yes, scan is complete
        • If "end of results" is no, continue through scan
      • If "need to keep" is yes, is the file useful without sensitive data?
        • If "useful to keep without data" is yes, remove the sensitive data from the file. > Have you reached the end of the result list?
          • If "end of results" is yes, scan is complete
          • If "end of results" is no, continue through scan
        • If "useful to keep without data" is no, move the file to a secure location. > Have you reached the end of the result list?
          • If "end of results" is yes, scan is complete
          • If "end of results" is no, continue through scan
Last Updated: September 06, 2017