Identity Finder

Information for LSPs and System Administrators: How to Install and Use Identity Finder in UVa Departments

Different departments will use Identity Finder in different ways. Being knowledgeable about your own department's data stores and data usage will greatly assist you in deploying Identity Finder.

Table of Contents

Planning Steps

  1. If you are using Identity Finder for purposes of completing the Social Security Number Inventory and Remediation Plan due July 1, 2008, see the SSN Initiative Policy page for background, guidance documents, forms, and templates, including an "SSN/Credit Card Data Machine Scanning Tracking Sheet."
  2. Work with your department chair or administrator in planning any Identity Finder searches, as well as in communicating with faculty and staff about search policy and procedures.
  3. Identify all equipment to be searched, including laptops, workstations, servers and media.
  4. Choose a strategy of either local installations or a centrally managed installation. Identity Finder can be installed and run on users' computers or installed on a server and configured to search remote computers. Depending on your department's preferences, you may install it for the user, or the user may install it. Regardless of installation strategy, the Identity Finder report must be reviewed by the file/data owner to assess and remediate personal and University-owned sensitive data. Note: When conducting remote searches, hidden Web data, email messages, and email attachments will not be searched. If Outlook is installed on the source computer, however, then Identity Finder will search local .pst and .ost files. A wired connection works best for network stability. In order to be scanned, external storage (USB thumb drives and external hard drives) should be attached to the computer while searching. If you manage a departmental server, you should run Identity Finder on the server in consultation with your department chair.
  5. Departments must determine what to do with any sensitive data found, based on the SSN Policy, the Records Retention Policy, and all other applicable policies. Identity Finder can shred data or quarantine it to either a local drive or a server. “Shred” is a secure delete that overwrites data being deleted. “Quarantine” means the data is moved to a new location and shredded in the old. Identified documents may also be “redacted” with the document itself retained, but the sensitive data removed.
  6. Departments must inventory all sensitive data that is retained on the department's equipment.

Implementation Steps

  1. Get information about the default configuration of UVa's version of Identity Finder.
  2. Download and install the Installer File
  3. Run Identity Finder. Plan your time appropriately, given the amount of data to be scanned.
  4. Interpret the report from the scan.
  5. Based on the report, determine the location and ownership of affected files, and contact file owners. If file ownership cannot be ascertained, or the owner has left the University, consult with the department chair or administrator.
  6. The department will advise file/data owners regarding destruction, redaction or secure retention of data.

Advisories

  • The current version (3.3.0) will not search files without filename extensions. Furthermore, files with no extensions cause Identity Finder to skip the entire directory in which they reside. Identity Finder 3.4.0, which fixes this problem, should be obtained by the built-in update feature as of April 10.
  • Mapped network drives and network shares including UNC shares will not be searched by default when selecting “My Computer.”
  • The presence of Mathematica 5.2 on a computer causes Identity Finder to freeze. (Other common file types such as Microsoft Office files are searchable.) The Identity Finder software developer is working on the Mathematica 5.2 problem; it is not an issue with Mathematica 6.0. Because of this bug, “.nb” files have not been included in searchable file formats.
  • The searching of Thunderbird email files is not supported.
  • For an ITC-managed departmental server, the LSP involved should coordinate with the appropriate ITC group (Microsystems or UNIX Systems) to develop a strategy that suits the specific needs of the department.
  • System administrators should review access privileges on network shares, before users start searching for personally identifiable information.

© 2008 by the Rector and Visitors of the University of Virginia.

The information contained on the University of Virginia’s Department of Information Technology and Communication (ITC) website is provided as a public service with the understanding that ITC makes no representations or warranties, either expressed or implied, concerning the accuracy, completeness, reliability or suitability of the information, including warrantees of title, non-infringement of copyright or patent rights of others. These pages are expected to represent the University of Virginia community and the State of Virginia in a professional manner in accordance with the University of Virginia’s Computing Policies.