Educause Security Discussion mailing list archives
Re: Software that scans for SSN
From: Graham Toal <gtoal () UTPA EDU>
Date: Wed, 28 Sep 2005 15:56:30 -0500
Cam Beasley, ISO wrote:
> hi Gary -- we apply individual pcre SSN & CC sigs to target specific apps/ports.. this approach, combined with a distributed sensor model has been very successful and we have seen negligible increases in sensor resources.. our false positive rate is less than 10%..
Cam, how do you handle informing people when you find someone disclosing a credit card number - in email, for example? Our CISO is very sensitive about any faculty perception that we may be looking at their mail (which we're not - we're doing the same sort of rule-based matching and alerting that you are doing). Do you talk to them face to face, or do you have a standard letter, or what? How much detail of the captured packets do you include? Is it fully automated or is there a man in the loop? Do you keep logs of the sensitive data that was captured, possibly creating a secondary target for hackers? Also did you create any specific policy relevant to this area? We're struggling with these questions ourselves at the moment.

G
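The kind of rule-based SSN and card-number matching discussed in this message, as an added example that is not taken from either poster's sensors: candidate regexes, a Luhn check to cut card false positives, and alert records that keep only the last four digits so the alert log does not itself hold the captured data. The patterns, function names and sample text are constructed assumptions.

```python
import re

# Constructed patterns (assumptions for this example, not anyone's production signatures).
# SSN: ddd-dd-dddd, rejecting area 000/666/9xx, group 00 and serial 0000.
SSN_RE = re.compile(
    r"(?<!\d)(?!000|666|9\d\d)(\d{3})-(?!00)(\d{2})-(?!0000)(\d{4})(?!\d)"
)
# Card candidate: 13-19 digits, optionally separated by single spaces or hyphens.
CC_RE = re.compile(r"(?<![\d-])(?:\d[ -]?){12,18}\d(?![\d-])")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, sum, test mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def scan(text: str) -> list:
    """Return alert records that carry a masked value only, never the full match."""
    alerts = []
    for m in SSN_RE.finditer(text):
        alerts.append({"kind": "ssn", "offset": m.start(),
                       "masked": "***-**-" + m.group(3)})
    for m in CC_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):  # drops order numbers and other digit runs
            alerts.append({"kind": "cc", "offset": m.start(),
                           "masked": "*" * (len(digits) - 4) + digits[-4:]})
    return sorted(alerts, key=lambda a: a["offset"])


# Constructed sample text: a well-known test card number, a dummy SSN,
# and two look-alikes that should not alert.
SAMPLE = (
    "Please charge 4111 1111 1111 1111 for the fee.\n"
    "Employee SSN on file: 123-45-6789\n"
    "Tracking no 4111111111111112, part 000-12-3456\n"
)

if __name__ == "__main__":
    for alert in scan(SAMPLE):
        print(alert)
```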