Help Desk: (814)865-HELP security@psu.edu

Spirion

Protecting Sensitive Data at Penn State.

 

Penn State discovers, remediates, and secures personally identifiable information (PII) across our systems and networks. Spirion assists users and IT staff with this process. Spirion scans systems for four different identity, or PII, types (Social Security numbers, credit card numbers, bank account numbers, and driver’s license numbers) within system files, folders, and email clients. Once potential matches are identified, the software alerts the user to the potential PII matches and assists in resolving them.

What is Spirion?

Spirion is software licensed by Penn State to facilitate the discovery and remediation of PII across University-owned systems and networks. The software searches for Social Security, credit card, bank account, and driver’s license numbers contained within areas of a system including files, folders, and email clients. Once the scan is completed, the user is prompted to review the potential matches and remediate any PII found during the scan.

Why is it important?

Discovering and remediating PII helps to prevent data breaches, maintain compliance with state and federal laws, and meet user responsibilities defined by University policies and guidelines. Only University systems specifically approved and authorized for the storage of PII are allowed to do so for business purposes. This process ensures that our systems do not unnecessarily contain PII related to our employees, families, vendors, students, or other affiliates of Penn State.

How do I reduce false positives or increase scan speed?

It is normal for the first Spirion scan on your system to take up to a few hours to complete. Once the initial scan is completed, Spirion will only scan new files or files modified since the previous scan. For systems containing research data that is modified on a regular basis, Spirion can be set up to exclude specific folders or data storage locations if these areas are known to not contain PII. If you experience long scan times or see large numbers of false positives, please let your IT staff know.