SSTA has prepared this memo for its supported users to provide a way of identifying SSNs from past business usage that might be present on their Removable Media. Follow your department’s recommendation for performing this action.

Remember, it is Best Practice not to have files with sensitive or restricted data stored anywhere except on your designated network drive spaces or in a locked cabinet if on removable media.

APPROACH:

1. Each supported area will determine if they have this need. If they do, they will name 1 to 2 people from their staff to be their area’s designate to perform the scans.
    
2. SSTA Workstation Technology will deploy the Cornell Spider scanning tool to these designates. This is one of the same tools that SSTA uses to scan our supported network drive spaces.
    
3. Each supported area will determine their area’s procedures for having their staff make removal media scan requests to their designate. These procedures should include frequency, timing, how to make the request, who actually has the responsibility to act upon the scan results, etc.
    
4. Cornell’s documented considerations for using this tool are located at:
   http://www.cit.cornell.edu/computer/security/tools/
    
5. Cornell’s instructions for configuring, and running this tool are located at: http://www.cit.cornell.edu/computer/security/tools/spider-windows.html
    
6. Caveats to Designate Scanning:
1. The tool has the ability to scan any Windows® mapped drive. The Designate use should be restricted to scanning only removable media. SSTA will continue to do our supported area’s network drive scans during off business hours due to performance and reliability impacts.
2. False positive detections and missed detections will exist with any tool. The report logs need to be used as a guide and not as an absolute indication.
3. Care needs to be taken where the resulting log file results are stored and handled. Since these results will be small listings, possibilities are to print it and hand it back with the scanned media, or to save the log file on the target media.
    
7. The scanning tool was demonstrated at a Dec 18th meeting of DCAC & ISDC staff. This input may aid in the designate selection process.
    
8. Steve Baker will provide a training session for the supported area designates once they are named.
    
9. A newer version of the Cornell Spider tool now includes the ability to add a search for a Straight Nine SSN format by adding a \d{9} “Custom RegEx.”
    
10. If the designates have ongoing questions about the scanning tool usage, they can contact Steve Baker.