From: F.M. Taylor (root@uranium.indstate.edu)
Date: Tue Apr 30 2002 - 11:44:50 EDT
We are in the process of developing security policies and procedures.
During this process we have identified certain types of data that we
have classified as sensitive, that cannot (by policy and law) be stored
on non-secured workstations. We are certain that some workstations have
"sensitive data" stored on them, due to a previous lack of policy
preventing it. We have no idea where this data is, or in what format it
is stored. We are certain that very few of the 5000 or so PCs are secured
to the degree that this type of data requires.
We are looking for a tool that can be used to scan all of the
workstations for the types of data elements we have determined are
sensitive, and report the findings. We can then move to either secure
the workstation, and/or remove the offending data elements. Examples of
the types of data we would be looking for are SSN, GPA, and other data
types as defined by HIPPA and FERPA. The OT part is that most of our
workstations are some flaavor of windoze.
Does such a tool exist, and where can I get it??
If you know where the correct place to ask is, please enlighten me.
-- Mike Taylor Coordinator of Systems Administration and Network Security Indiana State University. Rankin Hall Rm 053 210 N 7th St. Terre Haute, IN. SANS GSEC http://www.sans.org/ _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:24:16 EDT