masthead
Event Overview Timeline Clean Up Procedures Resources FAQs Contacts
Preparation
Deliverable
Event Deliverables

Upon completing the action items identified in the Responsibilities section of the web site the following deliverables should be available in each department:

Department Head Deliverables

  • The department head should end up with a spreadsheet listing all servers and desktop computers that have been approved by he or she to continue storing sensitive data.
    • This can be accomplished by encouraging if not requiring the CSR or the system owner has successfully ran the Spider sensitive data discovery tool on their desktop.
    • The desktops that are approved to continue storing sensitive data are candidates for whole disk encryption.

Manager/Supervisor Deliverables

  • The manager/supervisor should provide the Department Head with a list of employees that they think should continue to store sensitive data on their desktop.
    • This can be accomplished by encouraging if not requiring the CSR or the system owner has successfully ran the Spider sensitive data discovery tool on their desktop.

CSR Deliverables

  • A Spider tool results log file should be provided to each employee for them to review and determine if they can delete or archive the sensitive file(s) to a fileserver or CD/DVD if a server is not available.

Note: Depending on the skills of the system owner, the CSR may have to assist them with following the path to locate the sensitive files.

  • The CSR or the employee should provide the employee's manager/supervisor with the name(s) of employees that have requested to keep a sensitive data file on their computer. The employee must have their manager/supervisor's approval in order to retain the sensitive file(s) on their computer.
    • This can be accomplished successfully running the Spider sensitive data discovery tool on their desktop.

Employee Deliverables

  • The employee should review the results of the Spider log file and view each sensitive file to determine if they need to keep the file. If yes, the employee should provide this information to their manager/supervisor.
  • If working with the CSR to review the sensitive files, either the employee or the CSR should provide the name to the manager/supervisor for approval to retain the sensitive file(s).