Search Information Security site

 

Identity Finder: Software for Locating Personal Information

About Identity Finder

Identity Finder software is designed to locate personally identifiable information (PII)—in the form of Social Security Numbers (SSNs), credit card numbers, and other sensitive information—that is stored on computers. Individuals and departments at UVa can use Identity Finder to help them find and, where possible, remove PII.

The Identity Finder Management Console has two parts: client software installed on your UVA computer and a server that collects the completed reports. Each department can designate an LSP or person with like responsibilities to manage departmental groups in the Console.

In order to implement the Console, a department must:

Designate someone to manage the departmental group

Approve the designee’s access to the JointVPN

The departmental designee must:

Complete the process for obtaining a UVa Identity Token and access to the JointVPN

Complete introductory console training by the Information Security Office. Contact it-security at virginia.edu to request this training.

The Identity Finder Management Console offers several benefits to UVA departments such as:

Evidence that scans have been completed
Management awareness of highly sensitive data
Easier remediation
Automated scanning and remediation reports
Centralized departmental management of scans
Reduced false positives

The Identity Finder Management Console can also enable departments to keep an accurate inventory of all SSN data stored on laptops, desktop computers, servers, and other media (CDs, DVDs, tape backups, USB thumb drives, etc.), as part of the requirements of the University SSN Policy.

If you know you handle highly sensitive data regularly, Identity Finder (or equivalent) highly sensitive data scans must be performed and all unapproved storage remediated at least bi-monthly.

Even you if don't handle highly sensitive data regularly, Identity Finder (or equivalent) highly sensitive data scans must be performed and remediated at least quarterly.

Information about the standalone (non-Console) version of Identity Finder can be found here.

Page Updated: 2016-03-08

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security Office will evaluate the report and provide a full investigation.

Complete Report Form