OIT to release Identity Finder software

December 16, 2012

Cornerstone

In an effort to ensure privacy and security on university-owned computers, OIT will release Identity Finder on Dec. 20. Identity Finder will routinely scan your computer similar to anti-virus software and report any sensitive or personally identifiable information. Examples of personally identifiable are social security numbers and credit card numbers that may be in documents on your computer. Frequently asked questions are included here and information is available at the OIT Identity Finder support page.

How do you know if this affects you?
If you use a windows computer, and are on the UA Domain, you will be affected. If you are on a Mac computer, and are being managed through Casper management, you will see the Identity Finder software as an option in the OIT Self Service portal in your applications directory.

How will you know it has been installed?
 On Windows computers, it will be listed under All Programs. On Macs, it will be in the Applications folder.

How will Identity Finder be used?
Similar to how anti-virus software is used, automated scans will run weekly during non-standard business hours. The scan results are managed by the OIT security administration and are used to help guide decisions related to the handling of sensitive information. In the event that any system is compromised, lost or stolen, OIT security will be able to report the status with regard to sensitive data as of the most recent scan. This approach reduces the risk of exposing PII data.

How do I know what the scan found?
Results of the automated scans will not be visible to you or saved on your computer for review, however, you can manually scan your own files on the computer to see the results. This is useful before you travel, so you know the status of your laptop with regard to sensitive data. Instructions for Windows and Mac are available on AskUA.

What if sensitive data is found on my computer?
If you perform a manual scan, Identity Finder provides several options for what to do if sensitive data is found. If the data is no longer needed, you can Shred (secure delete) it. If you need to keep the original file, but do not need the sensitive information, you can Scrub (redact) it. More information is available on AskUA.

If your job duties require you to work with sensitive data, it is your responsibility to take appropriate measures to handle the data in a secure manner. For more information on workplace data security, contact the OIT Support Center.