About Identity Finder
Identity Finder (Spirion) software is designed to locate personally identifiable information (PII)—in the form of Social Security Numbers (SSNs), credit card numbers, and other sensitive information—that is stored on computers. Individuals and departments at UVA can use Identity Finder to help them find and, where possible, remove PII. All non-student users must perform scans at least quarterly on any electronic device or media that may store University data, whether owned by an individual or the University. If users are approved to store highly sensitive data on individual use devices or media, Identity Finder (or equivalent) must be run on all storage areas at least quarterly, and any HSD found on unapproved storage areas must be remediated immediately, as stipulated in the Highly Sensitive Data Protection Standard. Departments may set more specific guidelines for faculty and staff.
The Identity Finder Management Console has two parts: client software installed on your UVA computer and a server that collects the completed reports. Each department can designate an LSP or person with like responsibilities to manage departmental groups in the Console. It is highly recommended that departments utilize centrally-managed installations of Identity Finder, rather than standalone configuration. Contact your LSP for more information.
Identity Finder Installation
The instructions for installing and configuring Identity Finder (Spirion) on an individual client are located within the Procedures on the Use of Data Loss Prevent (DLP) Tools document.
In order to implement the Console, a department must:
Designate someone to manage the departmental group
Approve the designee’s access to the JointVPN
The departmental designee must:
Complete the process for obtaining a UVA Identity Token and access to the JointVPN.
Complete introductory console training by the Information Security Office. Contact it-security at virginia.edu to request this training.
The Identity Finder Management Console offers several benefits to UVA departments such as:
Evidence that scans have been completed
Management awareness of highly sensitive data
Automated scanning and remediation reports
Centralized departmental management of scans
Reduced false positives
The Identity Finder Management Console can also enable departments to keep an accurate inventory of all SSN data stored on laptops, desktop computers, servers, and other media (DVDs, tape backups, thumb drives, etc.), as part of the requirements of the University SSN Policy.
If you know you handle highly sensitive data regularly, Identity Finder (or equivalent) highly sensitive data scans must be performed and all unapproved storage remediated at least bi-monthly.
Even you if don't handle highly sensitive data regularly, Identity Finder (or equivalent) highly sensitive data scans must be performed and remediated at least quarterly.
Information about the standalone (non-Console) version of Identity Finder can be found here.