I am the Senior Solutions Engineer for Spirion, LLC. My adventure using Spirion Sensitive Data Manager began in 2007 as the Indiana University Technology Services Manager for Student Enrollment Services. We had an organizational mission to provide a solution that would allow a better understanding our data footprint and the types of data existing on our workstations, servers, and websites. As it happens fate guided me to the company Identity Finder "Spirion".
I was first exposure to Identify Finder in 2007 and recall being impressed by the ease to a create custom installer for our workstations and how quickly information was attainable for any of our managed devices. This was an empowering moment as a data steward and ultimately enabled the University to meet compliance (HIPPA and PCI-DSS), react favoribly to IR audits, and data security managment. The software has continued to impress me by the quality of development and flexibility of settings. In May of 2015 I moved to an Lead Enteprise Operational Security Engineer role to implement an enterprise adoption. As result of this experience my relationship with the Spirion support, sales, and leadership teams also matured. Having first-hand experience managing, implementing strategy, and the adoption of the product, joining Spirion made sense to share my real-world expertise with its customers.
During the course of many years administrating the Spirion (Formally Identity Finder) Sensitive Data Manager client and web console services I acquired experiences managing large and small deployments in both centrally and decentralized managed environments. As result of these varied experiences I have gained great insight into varied architectural and implementation strategies, real world exposure to managing data, the value of reporting to make decisions, and strategic plans to ensure success by meeting compliance.
Success can be hard to measure, however success of this software tool for me was the visibility gained by understanding where data resided, the classification (importance and sensitivity of the data), and the data types (SSN's, CCN, and more). It allowed a better understand where data was located and the sensitivity of the data which facilitated strategic decisions based on that data!
In my experiences of Sensitive Data Protection implementations, success was measured differently for each organization. However, establishing good communications and setting expectations for the tools use will garner adoption by decision makers. The efficiency to implement the software helped with adoption and deployment.
Data is awareness is the ultimate goal and the changing tides of the cyber world and increased awareness of IT security, understanding the where, the type, and criticality of data has been in my security experiences the most enlightening aspect of being able to make informed decisions and improving IT security.
My hope is that as a security practitioner I can share my real world experiences using the Spirion Sensitive Data Manager in varied scenarios, provide encouragement, tips, architectural design, and provide useful decision points and guidelines for the decision makers as a new world of data discovery becomes possible. I am certain there are many components I have likely left out, however I will continue to add and modify resources to help make your deployment, adoption, and remediation as successful as possible.
I leave you with one thought, take a moment to think about this, "IT security ultimately results in an effort to protect the Human, that data contains." Mind blown!
The Sensitive Data Manager solution has a central web console acessible by any major web browsers to view the sensitive data results, locations, data types, data classification, and much more. The technology provides client and and clientless deployment methods which report back to the central web console.
The solution provides many automated processes that locate sensitive data. The solution utilizes advanced algorithms incorporating contextual analysis, proximity checks, validations, industry checksums, minimum counts, and a variety of user customizable settings.
The solutions validation algorithms that identify keywords, negative keywords, context, minimum counts, and a variety of user-customizable settings, allowing the solution to only match the sensitive information. Once potentially sensitive data is located, the solution validates results against rules, such as Social Security Administration rules to ensure that an SSN could have been issued. It passes potential credit card numbers through the Luhn algorithm, and compares the number against definitions from issuing banks and financial institutions.
These few examples of intelligent, real-time and context-aware search features maximize accuracy and drastically reduce false positive results.