Sensitive Data Scanning

The University of Wisconsin System policy 1031 requires all UW campuses to protect the data security of their students, employees, and campus.  It is the responsibility of each campus to prevent High Risk data from unauthorized disclosure and ensure its responsible handling and storage.

The Information Security Office (ISO) licenses Spirion data security software to help identify files residing on UWSP servers and computers that contain High Risk sensitive data.

The three levels of sensitive data, which includes High Risk data, are defined by UW-System Policy.  


Each UW-Stevens Point, UWSP at Marshfield, and UWSP at Wausau campus employee is responsible for scanning their dedicated employee computer(s) and removing all High Risk that is found. See the following for help.

Step 1: Scan your computer for High Risk data

Running your Spirion scan is easy and takes just a few clicks to start.  Once your scan has completed see Step 2 for how to securely clean High Risk data from your machine.

Step 1: How to scan for High Risk data
If you have files containing High Risk data which must remain unredacted for official University business, contact the Information Security Office and request they be moved to a secure folder.

 

Tip: Start your scan before you leave work and lock your computer. Your Spirion scan will continue to run while you are away. Your data security scan can take some time depending on number of files and the data you work with.

To start your Spirion scan:

  1. Open Spirion 

    • go to Windows Search, type Spirion and select it from the list that displays, OR,

    • Click the Windows button at the lower-left corner of your computer and select Spirion from the list.

  2. In Spirion's New Profile box, type uwsp (lowercase) in both the Enter Password and Confirm Password boxes.

  3. Click OKYou only need to confirm this password to create your Spirion profile.

  4. Click OK to the Password Set box.

  5. Click the Data Types tab and select the following to include in your scan:

    • Social Security

    • Credit Card

    • Driver License

    • Passport Number

  6. Select the Locations tab and select the following:

    • Files

    • E-Mails

    • My Computer

    • Compressed Files

    • E-Mail Attachments

    Note: we do not select Cloud Folders.  OneDrive Cloud files are scanned on your local computer through your OneDrive Sync Client.

  7. Click Start.

  8. The Spirion Status Window opens. Here you can watch a live update of the number of files that have been scanned and number of High Risk data items recorded.

  9. To hide / reopen the Status Window screen click Status Window on the Main tab.

When your scan has completed, go to Step 2 to review the data Matches that display in the Spirion list and decide on the best Action to take to securely manage this High Risk data.



Step 2: Manage your security scan results

Once your data security scan completes, Spirion lists all files found on your computer which contain one or more matches to High Risk data. 

In Step 2 you will:

  1. Review each data match and determine whether the file does indeed contain High Risk data, then,

  2. Select the file and chose a Spirion Action to ensure the High Risk data and file are managed securely.

Removing High Risk data from your computer is recommended.  If you have files that still see active use that need to retain this sensitive data, contact the Information Security OfficeThe ISO will work with you to create a secure folder / location for these files.

Step 2: How to securely manage your scan results

Once your security scan completes, Spirion's Main tab lists all files found on your computer containing High Risk data pattern Matches.

Spirion identifies sensitive data based on pattern matches. For example, our SSNs have the pattern, xxx-xx-xxxx. 

A. Review your data matches

On Spirion's Main tab, select a data match from the Match column.  Use the Preview Pane to view the matched data within the context of the file.

  • The Match column contains a distinct piece of information identified in the file as High Risk.

  • For Multiple Matches, click the arrow to see all data matches for the file. Select each separately to Preview.

Use the Preview Pane to determine whether the data match is High Risk data.

B. Chose an Action

Place a check to the left of the file(s) you want to manage.

Select one of the following Actions: 

  • Shred:  The file is no longer needed and can be permanently deleted.

  • Redact:  The file will be retained but the sensitive data should be removed. Redact is not available for some file types such as email files.

  • Ignore:  The data match is not sensitive data.  Click Ignore then select This Item Location.  In the Ignore File box select False Positive, then click Save.

    Choosing Ignore flags the match so it is not found in your future security scans. 

All Ignored findings are identified by regular ISO scans and reviewed for misuse.

Tip:  To save and continue reviewing your scan results at a later time, see the Additional Information below, " If I don't have time to finish reviewing my scan results".

Your objective is to complete your review and securely manage the files found in your Spirion scan.  Once your file list is empty your review is complete! You can now close Spirion. 

 Click "x" at the upper-right corner of the Spirion screen or click the File tab and select Exit to close Spirion without losing the work you have completed.


Additional Information

Who is responsible for scanning UWSP computers?

Each UWSP employee is responsible for scanning their dedicated work computer(s).

The ISO scans shared department computers and network drives and shares the results of the scans with the designated Data Steward for each department.

What if I have files that need to retain their High Risk data?

Contact the Information Security Office and request a secure storage location for your High Risk data files. 

If I don't have time to finish reviewing my scan results can I save and close Spirion, then complete my review later?

Yes.  Click File and select Save.  Save your scan to the Documents folder (the default save location). You can then "x" out of Spirion or click the File tab and select Exit.  When you are ready to continue your review, open Spirion.  You will be prompted to enter your Profile password: uwsp(all lowercase).  Give Spirion several moments to reload your saved scan results.

What if I have more than one dedicated computer? Does each need to be scanned?

Yes.  But realistically, if you use the OneDrive - UWSP Sync Client, when you scan four first computer, the changes you make to your files through Spirion will sync to your OneDrive Cloud storage and to all of your other devices that sync files with your OneDrive Cloud.

You still need to run the Spirion scan on your other dedicated computer(s) but these additional scans should find very little unless files have been saved to folders outside of your OneDrive Sync Client.


THANK YOU FOR HELPING TO KEEP DATA SECURE FOR UWSP STUDENTS, EMPLOYEES, AND OUR CAMPUSES!


Do you have additional questions or need assistance with your scan?  Contact the ISO.






​​ ​