Sensitive Data Discovery helps ensure that sensitive and regulated data are not being stored unnecessarily.
- MiWorkspace units. Information Assurance (IA) performs Sensitive Data Discovery checks twice a year of MiWorkspace computers and storage (MiWorkspace Security & Privacy).
- Non-MiWorkspace units. Unit IT staff can request that their unit's computers and networked storage be included in the twice-yearly Sensitive Data Discovery checks by contacting the ITS Service Center.
The checks help identify files that may contain sensitive data and prompt a review of those files to see if they are still needed. The checks also help the university comply with laws and regulations governing the storage of sensitive and regulated data.
IA uses a software tool that automatically checks for potentially sensitive information. IA staff members will work with you and your unit staff to help review the results and take appropriate action.
What the Sensitive Data Discovery Tool Does
The Sensitive Data Discovery tool:
- Only checks devices on U-M networks.
- Checks for two types of sensitive data: Social Security numbers (SSNs) and credit card numbers.
- Looks for numeric patterns formatted like Social Security and credit card numbers, so it sometimes misidentifies files as sensitive.
- Produces a report listing all your files that may contain sensitive data.
The tool can check for additional patterns if that would be helpful to your unit, particularly on Windows machines, file shares, web servers, and database servers. For example, if researchers in your unit want to check for numbers that could potentially be medical record numbers or some other type of number, you can request that.
Respects Privacy
- The tool looks for numerical patterns. It does not review or examine content.
- The tool does not check anything inside folders name Personal and Private. Members of the university community are asked to use such folders on their university machines for any personal files they don't want checked.
If Sensitive Data Is Found
If your U-M computer or unit storage is found to contain data that could be sensitive, you will be asked to review a report and take action. You may be contacted by Information Assurance, your unit's Security Unit Liaison, or your unit's IT staff. See Take Action on Your Sensitive Data Discovery Report for details.
About the Tool
IA uses SeekerDLP to find sensitive data on Windows workstations and servers, Mac workstations, SMB and NFS file shares, database servers (MSSQL, MySQL, Oracle), and websites. IA created a web-based portal for units to use to access and update their Sensitive Data Discovery reports. U-M units may request a license to use Seeker by contacting IA via the ITS Service Center.
Questions?
Contact your Information Security Lead or IA via the ITS Service Center.
Applicable University Policies
You are responsible for complying with the policies and standards below. Sensitive Data Discovery can help you meet that responsibility.