- What is Identity Finder?
-
Identity Finder software helps individuals and businesses prevent identity theft, by finding and securing personally identifiable information (PII)—like Social Security Numbers, credit card numberss, bank account data, and passwords—stored in files, emails, web browser data, and system areas. Once the data is located, owners have the option to shred the information, quarantine it to a secure location, or protect it through encryption.
- How often should I run Identity Finder?
-
If you know you handle highly sensitive data regularly, IdentityFinder (or equivalent) highly sensitive data scans must be performed and all unapproved storage remediated at least bi-monthly. Even you if don't handle highly sensitive data regularly, IdentityFinder (or equivalent) highly sensitive data scans must be performed and remediated at least quarterly. Departments may set more specific guidelines for faculty and staff.
A department's scans should be documented with 1) the date of the scan, 2) the user performing the scan, and 3) the actions taken to remediate the identified highly sensitive data. Management should review the documentation to ensure scans are properly completed as scheduled.
Example: Using the Identity Finder client
- When users run their periodic scans, they can print their initial scan results (making sure not to display the full details of any highly sensitive data).
- If remediation is required, they can re-run the scan following remediation and print the “clean” scan results.
- Any print outs should be signed and dated.
- Management can periodically review these documents to confirm that both scanning and remediation have been completed.
Example: Using the Identity Finder console (in pilot), departments can manage their users’ scans centrally, including tracking scans completed and remediation done.
- Can Identity Finder search my Mac?
-
Yes. Download the installer file: Login with NetBadge, select Identity Finder, and follow the prompts.
- How has the Mac version been configured for UVA?
-
Check for new versions of and updates on Startup has been turned off. All file types are searched. Unformatted SSNs appear in the report only when there is more than one in a file.
- Will Identity Finder search my email?
-
The new IDF configuration will search email. The behavior varies based on how you are logged in.
Scenario 1: You are logged into your email. Identity Finder searches your email for SSN.
Scenario 2: You are not logged into your Exchange email, and you are not logged into a Microsoft (like eservices) domain. You will get prompted to log in.
Scenario 3: You are logged into a Microsoft domain. Identity Finder searches your email even though you have not logged in.
Scenario 4: You are logged in locally (no domain), and you don't use Microsoft email. Thunderbird is your email client, for example. You must log in to Thunderbird to get your email searched.
- How can I search my Linux/Unix machine for highly sensitive data?
-
While Identity Finder can be used to search for sensitive data on Linux/Unix machines, the configuation for doing so is difficult. Download and run Sensitive Number Finder (SENF) or SSNFind.
- What changes have been made to the UVA version of Identity Finder?
-
The configuration of UVA's version of Identity Finder has been tweaked to make it search more comprehensively for personally identifiable information (PII). Visit our default configuration page for more information.
- What sensitive data can Identity Finder locate?
-
Credit card numbers, bank account numbers, Social Security Numbers, passwords, dates of birth, driver's licenses, personal addresses, passport numbers, telephone numbers, employee IDs, mother's maiden names, user-defined types, Australia Tax File Numbers, Canada Social Insurance Numbers, United Kingdom National Insurance Numbers, and United Kingdom National Health Service Numbers
- Will it constantly re-find the same files that have matches?
-
Yes. Once having found a file with specified search terms, Identity Finder will continue to report the same file. However, if “Use search history and only search new or modified files” is checked, then Identity Finder will not scan files that are unchanged since the last scan.
- Where can I ask a technical question?
-
You can email technical questions to [email protected].
- Where can I ask a question about UVA's license?
-
Email your questions about the UVA Identity Finder license to [email protected].
- Can I get a copy of Identity Finder for my home (non-UVA) computer?
-
Yes. Students, faculty and staff may purchase a copy of Identity Finder for home use at a more than 50% discount off the vendor's normal price. You must purchase the home editions through a secure ITS website; log in with your NetBadge credentials. You will also be required to provide an email address ending in @virginia.edu. This offer is not available for the Mac version of the software.
- What happens if Identity Finder freezes while searching?
-
Locate the Identity Finder log of the search that caused the halt, email it to [email protected], and make sure to cc: it to [email protected].
- How fast does Identity Finder search?
-
It depends on the amount of data and the number of matches found. The more matches found, the more slowly Identity Finder searches. A thorough initial search will speed up all subsequent searches.
- What are the minimum system requirements?
-
Identity Finder Enterprise Edition requires Windows Vista, Windows XP with Service Pack 1 (SP1), Windows 2000 Professional with Service Pack 3 (SP3), or Windows Server 2003.
- How does Identity Finder search remote computers?
-
Identity Finder uses Windows File and Printer Sharing to establish a connection to a remote Windows machine.
- Why can't I look at the log file while the search session is active?
-
When the logs are encrypted, you have to close the session before you can review the log file.
- How does Identity Finder address programs and memory, and how does that affect the searching of large files?
-
Identity Finder uses IFilter for most programs, so that the native API (Application Programming Interface) of the program can be used to search for sensitive information. Identity Finder needs to have a contiguous block of 128 megabytes of memory for searching files—hence the file size limitation of 128 megabytes. If you manage a file server, search the server based on file size to determine the existence of large files. Identity finder version 3.4.1, currently downloadable from ITS, is configured not to search files larger than 100 megabytes. To search databases, you can use the Database tab in the Where to Search Ribbon.
- Is there a Mac version of Identity Finder for non-Intel Macs?
-
No. For non-Intel based Macs, please follow the instructions here to scan your non-Intel Macs using an Intel Mac.
