macOS Spirion End User Documentation

SCANNING

Scheduled Scan

When a scheduled scan initiates, the Spirion program will automatically launch in a new window on your computer. The Spirion icon  will pop up on the dock and the window will be minimized. At any time, Spirion can be maximized by clicking the icon in the dock. When the scan is complete, another notification will appear. 

A search summary will appear when the scan is complete. The summary contains the number of identity compromising items on your computer, and the scan results should automatically appear behind it. If you minimize the window, clicking on the Spirion icon will maximize it again. You will need to complete remediation at this time. Do not save the report and return to it later.

Status Window

While a scan is running, you will be able to see a status window to track it's progress.

 

Predefined Settings

The Information Security Office controls the end user settings through policies on the server. Default settings are highlighted in the Spirion application. Spirion has five command menus of settings: Search, Review, Actions, Data Types, and Locations.

  • The Search menu includes the start, stop, resume and pause functions. The status window will display by default in an On‐Demand scan, but must be clicked for a Scheduled scan. 
  • The Review menu allows you to adjust how the scan results are displayed and selected. You can view them by unique identity matches or by source location, and can select or view the entries with this tool. To scroll through selections, you can use the “Previous Match” and “Next Match” options.
  • The Actions menu contains the action you would like to apply to an identity match. These are also available in the Spirion window, in the top panel. To determine which action to take, please refer to the Private Information Decision Tree.
  • The Data Types menu allows you to simultaneously search for identity types. Spirion is only enabled to search for four Private Infromation identity types (as shown with a checkmark to the left of the type): Social Security numbers, Credit Card numbers, Bank Account numbers, and Drivers License numbers.
  • The Locations menu includes where Spirion will search for Private Information on your system, as shown by the checkmarks. The locations include files and compressed files, e-mails, and attachments, browsers, and files located your Mac.

On-Demand Scan

To run a scan manually, open Spirion from the Applications folder via Finder. Click the start button in the upper left hand corner or via the Search menu. The Spirion status window will appear and Spirion will begin searching for all Private Information matches. Spirion will only scan directories and files that you have access to. The status window will appear and can be minimized by clicking the Minimize button in the Window menu in Spirion.

REMEDIATION

After a scan, you must take action on the results. The identity matches are highlighted to allow you to review the data. If you'd like to view the file outside of Spirion, right click it and click on "Reveal in Finder" and finder will open to the folder that file is located. 

User Decision Making Flow Chart

Use the decision making flowchart located here to determine the appropriate remediation action.

Actions

Performing an action on PI will remove the row from Spirion. In Spirion you can ignore, shred, or scrub a file containing PI. Additionally, you can save a report in Spirion to discuss with your Private Information Management business representative.

  • The Shred action securely deletes the file containing PI from the local machine. Files and folders can also be shredded without Spirion being open.
    • The file is unrecoverable after this action is performed!
  • The Redact action replaces the PI with X's. 
    • The following text file types can be redacted:
      • 1st; asm; asp; aspx; bat; btm; c; cc; cmd; cpp; cs; css; cxx; def; dic; h; hpp; hxx; idl; idq; inc; inf; ini; inx; java; js; jsl; log; me; pl; rc; reg; rels; snippet; text; txt; url; vbs; wtx; xml; xsl
      • Microsoft Office file formats
    • The PI is unrecoverable after this action is performed!
  • The Ignore action flags the file or identity match as a flase positive. This action must be verified as a false positive by the Information Security Office before it is actually excluded.
    • This Item Location ignore all PI matches found by Spirion in the file location.
    • This Identity Match ignores all instances of the specific PI match on your computer. 

Saving Reports

The scan results may contain files you are unsure how to remediate or need to keep for a business reason. These additional items remaining from the scan must be reported to your Private Information Management technical and/or business representative to determine the reason for keeping the information and how to properly remediate it. Relocating the information to a secure server is a possible solution.

  • Note: Reports should be saved as Spirion_[username]_[date].html.

     

Links: