Spirion Forum
Forum Home Forum Home > Feature Requests > EndPoint for Windows
  New Posts New Posts RSS Feed - Clean Scan Notice
  FAQ FAQ  Forum Search   Register Register  Login Login

Clean Scan Notice

 Post Reply Post Reply
rwarner1 View Drop Down

Joined: 30 Nov 2010
Location: Chicago
Status: Offline
Points: 23
Post Options Post Options   Thanks (0) Thanks(0)   Quote rwarner1 Quote  Post ReplyReply Direct Link To This Post Topic: Clean Scan Notice
    Posted: 04 Oct 2011 at 6:51pm

Hello All.

When Identity Finder completes a scan and finds nothing, essential a clean scan, it prompts the user for a New Scan, or to Exit, but there is no evidence that a scan has run and that it was clean, (besides the logs, but I'll get to that). We are using Identity Finder in Guest Mode only, so I don't know if that behavior is different while using profiles.

To give a little back story on this, we were using Cornell University's Spider Scanner before we launched Identity Finder. After the "Spider Scan" was complete, the user had a spreadsheet on their desktop called SpiderResults.csv. Actually, once the scan started, the file was created and as matches were found, they were added to the spreadsheet. The transition to Identity Finder has been very smooth, and I only had this questions/issue come up today.

Our program is setup so we have Data Stewards in each of our departments and they are responsible for getting their computers scanned and reviewing/remediating the results. We have an issue in one department where some of the users have not been willing to comply and scans have not been done. So this request may sound like a policing effort, but after thinking about it, I thought it may be beneficial. With Identity Finder, and the ability for the user to scan and remediate their results, the Data Steward for this department has raised concerns that, since there is no evidence of a scan, clean or not, a user could say, "Yes, I've scanned, I found X, Y, Z, deleted them, and now my computer is clean". 

Now, from the Console's perspective, yes, it would show how many, if any, scans were done, and what was found. But our Data Stewards don't have access to the console, and probably never will.  The endpoint logs, if enabled, would have information about the scans, but asking the Data Stewards to dig through log files isn't practical. So what I’m asking for is some type of notification, whether it be a generated email, a small text file, or something else, that marks an endpoint as scanned and clean, in the event of a clean scan. Whatever “it” is, would then be the proof that the scans were done.


I hope this is clear enough, but if you need more info, or have any suggestions, please let me know.





"For the things we have to learn before we can do them, we learn by doing them." - Aristotle
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down