OT: Workstation security assurance

["F.M. Taylor" <root () uranium indstate edu>]

We are in the process of developing security policies and procedures.
During this process we have identified certain types of data that we
have classified as sensitive, that cannot (by policy and law) be stored
on non-secured workstations.  We are certain that some workstations have
"sensitive data" stored on them, due to a previous lack of policy
preventing it.  We have no idea where this data is, or in what format it
is stored.  We are certain that very few of the 5000 or so PCs are secured
to the degree that this type of data requires.
We are looking for a tool that can be used to scan all of the
workstations for the types of data elements we have determined are
sensitive, and report the findings.  We can then move to either secure
the workstation, and/or remove the offending data elements.  Examples of
the types of data we would be looking for are SSN, GPA, and other data
types as defined by HIPPA and FERPA.

Does such a tool exist, and where can I get it??
If you know the correct place for me to ask, please enlighten me.


-- 
Mike Taylor
Coordinator of Systems Administration and Network Security
Indiana State University.               Rankin Hall Rm 053
210 N 7th St.                           Terre Haute, IN.
SANS GSEC  http://www.sans.org/


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users