Slashdot Mirror


How Cornell Plans To Purge Campus Computers of Personal Data

and so forth writes "Cornell lost a laptop last year with SSNs. Now, they've mandated scanning every computer at the University for the following items: social security numbers; credit card numbers; driver's license numbers; bank account numbers; and protected health information, as defined by HIPAA. The main tools are Identityfinder (commercial software for Windows and Mac), spider (Cornell software for Windows from 2008) and Find_SSN (python script from Virginia Tech). The effort raises both technical questions (false positives, anyone?) and practical issues (should I trust closed source software to do this?). Have other Universities succeeded at removing confidential data? Success, here, should probably be gauged in terms of diminished legal liability after the attempted clean up has been completed." Note: this program affects the computers of university employees and offices, rather than students' personal machines.

1 of 164 comments (clear)

  1. Re:What does "computers of university employees" m by topham · · Score: 4, Insightful

    a) too fucking bad.
    b) Sign this waver that says you are legally responsible if your repository of data were to contain information such as SSN/Credit Card etc.

    I don't get the premise of the article. Scanning for credit card data and SSN is quite easy and simple. It's no more intrusive than a virus scan. Being opened, or closed source doesn't make any bloody difference either.

    Intrusion detection systems should also be running and scanning for data that conforms with SSN or creditcard formats.