Scanning for Confidential Data
This article applies to: Shared File Services
It is the responsibility of the share owners to periodically scan their data in accordance with Cornell Policy 5.10.
For information about how to scan, see the Guide to Data Discovery.
CIT will not be responsible for scanning customer shares for sensitive data. It is the customer’s responsibility to perform any such scanning to be compliant with any related Cornell policies.
- For Confidential shares SFS provides the CIFS auditing functionality, to be configured, managed, and reviewed by the customer in accordance with Cornell Policy 5.10.
- The customer is responsible for ensuring compliance with Cornell Policy 5.10.
CIT performs regular Nessus vulnerability scans against SFS. These scans are not the same as Sensitive Data scanning, or AntiVirus scanning, both of which are customer responsibilities.