Data loss prevention (DLP) is a widely-used and necessary technology strategy. It is used to ensure that sensitive, proprietary, and research data, as well as personally identifiable information (PII) is not inadvertently stored on systems which are not explicitly approved for such use. The adoption and implementation of DLP is driven by rigorous state privacy laws containing stringent data protection or access components. Pennsylvania’s Breach of Personal Information Notification Act is such a law.
Increasingly, companies, universities, and government organizations make news headlines over the loss of sensitive and personal information. These losses come from data breaches, stolen laptops, and lost systems. Penn State implemented services to help reduce our sensitive data footprint and protect the sensitive data which we must have for our regular business needs. You can learn more about these services below.
Personally Identifiable Information
Penn State is committed to discovering, remediating, and securing personally identifiable information (PII) across its systems and networks. The University holds a license for a software package called Spirion to assist users and IT staff in this process. Once installed, Spirion scans systems for 4 different identity, or PII, types (Social Security numbers, credit card numbers, bank account numbers, and driver’s license numbers) within system files, folders, and email clients. Once potential matches are identified, the software alerts the user to remediate the potential PII matches found. More information is available on our Spirion page.
The Office of Information Security (OIS) provides a central encryption service from WinMagic called SecureDoc. The software is available for use by academic and administrative units at Penn State. In order to protect and secure sensitive information, full or whole disk encryption should be implemented on systems to safeguard such information in the event the machine is lost or stolen. At Penn State, full disk encryption is extremely important for protection against unauthorized access of sensitive information. More information is available on our Encryption page.
Need help? For more information or assistance with these DLP services, please use our DLP ServiceNow form to submit an inquiry.
Are you a new IT Staff member? Please speak with your coworkers and supervisors about your department’s data loss prevention strategy. If you require access to one or both of the above tools, please ask a more senior member of your team to submit a new user request for you using our DLP ServiceNow form.