To view all policies from within the Spirion Console you can use the Spirion Settings Viewer.
Specializing in security architecture and data management.SANS certifications and (ISC)² Member and certifications.20 years as an IT professional with focus in data security and operational data security risk reduction.Real world solutions implementation experience in large and complex environments.
Will discuss the critical steps and fundamentals in protecting sensitive data against data leaks. Narrowing the project scope and creating data awareness is critical for a security programs success. Will discuss an approach to the implementation of a data steward project and implementing technical automation to help drive information worker security awareness and concentrating resources on protecting critical systems with personally identifiable information (PII).
As we move forward with a delivery of the next version of Spirion one of the prerequisites using Microsoft SQL Server if you are not using the Enterprise version, you will need to install the SP1 update previsou to installing Spirion or an upgrade. This is a good practice to be patched and up to date on your Windows servers and SQL servers.
On May 25, 2018 a new regulation across Europe known as The General Data Protection Regulation (GDPR) will be enacted. This transformational regulation defines measures that must be in place to effectively manage data at rest.
From a technical perspective there will be several provisions of the GDPR as they pertain to technical measures organizations must implement to protect and understand their data footprint. As an organization, your due diligence is to protect any data and more specifically data about any individual.
The required technical controls are still being defined and it's quite clear you must know what data you collect (for real) and where it is (for real)?
Security practitioners will be challenged to align their organizations to comply with the GDPR provisions. The technical controls you have or plan to implement now will affect business anywhere in the world that collect any European (EU) data, so it is up to the organization to understand the data footprint. Understanding the types of data being collected and where data is located (Databases, File servers, laptops, desktops, e-mail, websites such as SharePoint, etc.) are extremely important as it related to GDPR. An organization cannot protect data it is unaware of or its location.
Data management is part of all business process and the management of where that data exists is very challenging. As an IT professional for 20 years protecting all forms of data, my experience is that any rights management process you think works cannot assure you that all your data only exists on your database or file servers. We are humans and we all copy data from these devices to work on our local workstations or devices we take home. Once this data leaves these central repositories we have extended our network and organizational resources scope of security responsibility beyond the network.
The principal security posture is awareness of the data type (CCN, NIN, PIN, NID, ssPIN, etc) footprint and the sensitivity of this data through data classification for risk management, legal discovery, and compliance. Written business procedures and guidelines define the classifications however; it is the responsibility of management, IT professionals, and the employees to specify appropriate data handling procedures, retention, and appropriate storage.
Data stewardship is a passion of mine that matured over the decades of developing written process and then implementing the busness logic to the technical operations to facilitate the written process. Data is difficult to appropriately manage through manual process alone. As a key player stewarding data for more time than anyone could digest I hope to provide some perspective and lessons learned through my journey of interpreting business logic process and building technical process and implementation around the discovery and handling of data and how it aligns with the GDPR.
More to come…
Article 5(2), 25(1), 32(b)
My Experience as a Former Spirion Customer and Advocate and now a member of the Spirion Team.https://www.spirion.com/blog/experience-report-former-spirion-customer-advocate/
One of the helpful workflow rules provided in Spirion is the ability to Shred or Quarantine data that has not been accessed for a duration of time or data older than so many Days/Months/Years, etc.
To do this following these steps:
This workflow will now provide a data retention function.
Scenario - After a scan task has been initiated, how do you stop the already running Spirion scan. This may be required to stop a scan if an operations team needs to perform maintenance on the endpoint for patching, etc.
To clear jobs you can set this in the application settings screen.
Days to keep completed search progress information.
By default, search progress information for completed searches is kept for 7 days. Valid values are 0-9,999. A value of 0 means the search progress information of a completed search will be deleted the next time the Importing service job executes. The default value is 7 which will cause search progress information to be deleted 7 days after the search has completed.
This guide resource from the Spirion user guide should help in addition to the specific settings I have provided below - https://my.spirion.com/help/enterpriseconsole/index.htm#3460.htm?Highlight=groups
Pre-configuration using Active Directory Security Groups
The following are specific setup steps to setup an AD Group.
To upgrade or customize the Windows client build an MSI using the Identity Finder MSI Builder.
The following article has instructions and a download link for the Identity Finder MSI Builder version 10 - https://identityfinder.zendesk.com/hc/en-us/articles/115000019892#Creating%20an%20MSI%20Using%20MSIBuilder