Using PowerShell to report on files containing PII (Personally Identifiable Information)
26 August 2016:
This updated script also outputs the files found as a PS object that can be exported to CSV.
$PiiFiles = get-pii -FileType 'txt'
This searches files with the txt extension in the current folder and its subfolders, outputs the findings in an HTML report, and saves the file list in the $PiiFiles variable. The list can then be exported to CSV, as in:
$PiiFiles | Export-Csv .\piilist1.csv -NoTypeInformation
Management of PII (Personally Identifiable Information) has always been a source of concern. PII includes information such as social security numbers and credit card numbers. Companies may have policies to regulate how they’re handled, and perhaps require encrypting the files where they’re stored. IT may be asked to audit or report on any files containing PII. This script does just that. The script is implemented as a function in the SBTools module available on the Microsoft Script Center Repository.
The Get-PII function uses the EnhancedHTML2 functions by Don Jones, who graciously agreed to have them included in the SBTools module.
NIST provides examples of PII such as:
- Name, such as full name, maiden name, mother’s maiden name, or alias
- Personal identification number, such as social security number (SSN), passport number, driver’s license number, taxpayer identification number, patient identification number, and financial account or credit card number
- Address information, such as street address or email address
- Asset information, such as Internet Protocol (IP) or Media Access Control (MAC) address or other host-specific persistent static identifier that consistently links to a particular person or small, well defined group of people
- Telephone numbers, including mobile, business, and personal numbers
- Personal characteristics, including photographic image (especially of face or other distinguishing characteristic), x-rays, fingerprints, or other biometric image or template data (e.g., retina scan, voice signature, facial geometry)
- Information identifying personally owned property, such as vehicle registration number or title number and related information
- Information about an individual that is linked or linkable to one of the above (e.g., date of birth, place of birth, race, religion, weight, activities, geographical indicators, employment information, medical information, education information, financial information).
This script searches and reports only on social security numbers and credit card numbers. It can be modified to detect additional PII patterns. Feel free to post a comment if you’d like to see more patterns added.
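The Get-PII source is not reproduced on this page, so the following is an added example and not the SBTools code: a minimal scanner for the same two PII types that emits objects suitable for Export-Csv. The function names Test-Luhn and Find-PiiCandidate, both regular expressions, and the sample file are assumptions; credit card candidates are Luhn-checked to cut false positives, and matches are masked to the last four digits so the report does not become a second copy of the PII.

```powershell
# Added example, not the SBTools Get-PII source. Names and patterns are assumptions.
function Test-Luhn {
    param([string]$Digits)
    $sum = 0; $double = $false
    for ($i = $Digits.Length - 1; $i -ge 0; $i--) {
        $d = [int]::Parse($Digits.Substring($i, 1))
        if ($double) { $d *= 2; if ($d -gt 9) { $d -= 9 } }   # double every second digit from the right
        $sum += $d; $double = -not $double
    }
    ($sum % 10) -eq 0
}

function Find-PiiCandidate {
    param([Parameter(Mandatory)][string[]]$Path, [string[]]$FileType = @('txt', 'csv'))
    $patterns = [ordered]@{
        # SSN: area not 000/666/9xx, group not 00, serial not 0000
        SSN        = '\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b'
        # Card: 13 to 19 digits, optionally separated by spaces or dashes
        CreditCard = '\b(?:\d[ -]?){12,18}\d\b'
    }
    $include = $FileType | ForEach-Object { "*.$_" }
    Get-ChildItem -Path $Path -Include $include -Recurse -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            foreach ($kind in $patterns.Keys) {
                $hits = Select-String -LiteralPath $file.FullName -Pattern $patterns[$kind] -AllMatches
                foreach ($hit in $hits) {
                    foreach ($m in $hit.Matches) {
                        $digits = $m.Value -replace '\D'
                        if ($kind -eq 'CreditCard' -and -not (Test-Luhn $digits)) { continue }
                        [pscustomobject]@{
                            File   = $file.FullName
                            Line   = $hit.LineNumber
                            Type   = $kind
                            Masked = ('*' * ($digits.Length - 4)) + $digits.Substring($digits.Length - 4)
                        }
                    }
                }
            }
        }
}

# Constructed sample data: a placeholder SSN, a Luhn-valid test card number, and a
# 16-digit order number that fails the Luhn check and is therefore not reported.
$demo = Join-Path ([IO.Path]::GetTempPath()) 'pii-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
Set-Content -Path (Join-Path $demo 'sample.txt') -Value @(
    'SSN 123-45-6789', 'card 4111 1111 1111 1111', 'order 1234 5678 9012 3456')
Find-PiiCandidate -Path $demo -FileType 'txt' | Format-Table -AutoSize
```

Because the output is a stream of objects, it can be piped to Export-Csv in the same way as the $PiiFiles list above.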
To search on a set of folders and report on files containing PII use a command like:
Get-PII "txt","csv","doc?" "D:\Sandbox","\\Server1\Install\Script?"
This searches the folders D:\Sandbox and \\Server1\Install\Script? for files with the extensions txt, csv, and doc?, and compiles an HTML report of any files containing PII.
The command output looks like:
The HTML report looks like:
The sample file looks like: