Purdue University
Search For: in

Purdue Home | Business Services BSC | HR/Fin Zone

Business Services Computing Zone for Human Resource/Financial Areas

spacer
topmenu.gif
General Information Zone Advisory Committee Forms Frequently Asked Questions Printers Laptops Policies/Procedures Support

Home Computer SSN Scanning

This memo outlines a process that provides a way to help identify SSNs from past business usage that might be present on home computers.  The tool listed below can also be used for personal use.  Please follow your department’s recommendation for performing home SSN computer scans.

It is a Best Practice not to have files with sensitive or restricted data stored anywhere except on your designated network drive space.  More information about data handling and security can be found at: http://www.purdue.edu/Business/Security/Training/dataHandling.htm.

  1. Business Services Computing recommends the use of the “Spider” Tool, as developed by Cornell University, to scan for the potential presence of SSNs on a home computer. The Spider Tool is the tool used by BSC to perform recurring, monthly SSN scans on our supported network drive spaces.
     
  2. We thank our counterparts at Cornell for making this tool available for use and Purdue’s Student Services Technology and Assessment for providing the content of this memo.
     
  3. With any scanning tool comes the standard disclaimers that:
     
    1. No tool is guaranteed to find each and every instance of the targeted scan.
    2. Each tool will identify a number “false positive” hits, thus potential identified files need to be reviewed.
    3. Be careful where you place your log file results as they could contain the same type of information for which you are searching.
       
  4. Cornell’s documented considerations for using this tool are located at:  http://www.cit.cornell.edu/computer/security/tools/
     
  5. Cornell’s instructions for downloading, installing, configuring, and running this tool are located at:  http://www.cit.cornell.edu/security/tools/spider-windows.html. The configuration instructions are very specific and explain the possible settings. Most of the default settings are set correctly. The application icon is placed in the start menu in a folder labeled “Cornell Spider”.  The items under the configure pull down menu/settings that definitely need changed are:
     
    1. Setting the target space aka “Start Dir…”
    2. Clicking “Recursively process subfolders”.
    3. Typing in a path and name for the log file on the Logging/Local tab.
       
  6. Spider was recommended for this particular situation due to:
     
    1. User friendly interface.
    2. Effectiveness in finding the targeted search of 3-2-4 format of SSNs with an acceptable level of false positives.
    3. Configuration flexibility, including the ability to target and/or exclude specific file types and or target areas.
    4. The tool is being improved frequently.
    5. The ability to scan any Windows™ mapped drive.
    6. The ability to import the log file into most applications (i.e.: Excel™).
    7. The ability to add a search for a Straight Nine SSN format by adding a \d{9} Custom RegEx expression.  This RegEx will find any numeric string of 9 or more numbers, so false positives will increase due to finding items like phone numbers.

Notes: The scan can take anywhere from 10 minutes to multiple hours depending on the number of files on the computer.  An alternative to using Windows Update (slow) to verify that .NET Framework 1.1 is installed is to look in control panel/add-remove programs and verify it is listed as an installed application.

If you have questions about the scanning tool usage, please contact your Technical Coordinator.  The Business Contact will contact the Zone for additional assistance.  Thank you for your help with SSN remediation efforts!

 


Last Updated on May 04, 2009