Identity Finder Overview - Harvard University

1y ago
16 Views
2 Downloads
725.58 KB
19 Pages
Last View : 27d ago
Last Download : 6m ago
Upload by : Brady Himes
Transcription

Identity Finder Overview Per Harvard University security policy, http://policy.security.harvard.edu,High-Risk Confidential Information (HRCI) such as Social Security andcredit card numbers, names with birth dates, passwords, etc. should notbe stored on Harvard desktop or laptop computers. Identity Finder is a tool that can provide you peace of mind knowing thatyour computer or shared drive is not storing any of this highly confidentialinformation. Identity Finder will help you search your computer for data that maycontain this type of information and enable you to take action to removewhat it finds. In order to aid you in keeping your computer free of high-riskconfidential information, it is recommended that you run periodic scans ofyour computer. Please contact the HUIT Support Services, 617.495.7777, for any technicalissues or questions.1

Using Identity Finder Open Identity FinderStart All Programs Identity Finder Identity Finder Create a passwordProtects sensitive information you may enter while searching(such as passwords for other computers) No way to recover or reset password later, sochoose wiselyUse secure method to note your password (such as “securenote” in LastPass password manager, available from HUIT)2

Choose “Continue Search Wizard”3

Choose “Configure Search”We need to choose “Configure Search” so that we canselect the specific locations we are searching. We don’twant to search all shared drives, but specific locations.4

What Are We Searching For?Our installation of Identity Finder is pre-configured with the importantthings to search for, including SSNs, credit card numbers, birth dates,and passwords. These items are classified as “Level IV” confidentialinformation per the University security policy. Click “next” to continue.5

Where Are We Searching?Click the lower radio button next to “Custom Location”, then clickthe small box to the right with 3 dots.6

Where Are We Searching?Select your “H:” drive, then click OK.Note: this same selection process can be repeated to scan additional network drives or the local C: drive7

Where Are We Searching?Click “Next”8

Confirmation of OptionsClick “Finish”9

Search Results SummaryThe time it takes to run Identity Finder on your H: drive can vary greatly.Depending on the volume of files/folders, this can take anywhere from 15minutes to several hours. Click on “Wizard” to proceed with the remediationprocess for the search results.10

What Scans May Find Many, many passwords in email reminders ofconference calls and webinars (not a concern). Account and password information forapplications or websites P-Card or credit card numbers that someoneemailed you – eek! Personal bank account info, SSNs, birth dates11

Results Wizard & Clean-upThe remediation process for the search results is something you must do on your own, asprivate data discovered cannot be viewed by others and requires your direct analysis andaction. HUIT Field Support can assist with getting the tool running properly on your computer,but you alone must remediate the search results.12

What to Do Now? Options for email messages are:– Shred - secure deletion using DOD standards– Secure - add password protection– IgnoreOptions for files include:– Shred - secure deletion using DOD standards– Scrub - remove suspect info, keep everything else– Secure - secure highlighted item using the associated application’s features– Recycle - delete the file by moving it to the ‘Recycle Bin’. This does not actuallydelete your file and it is recommended you use the “Shred” button instead.– Quarantine - Move file to a quarantine location and permanently shred it fromits original location.– Ignore - Ignore either the currently highlighted item or its Identity Match sothat it is not found again. Item on the Ignore List will not be searched. Toremove an item from the Ignore List, use the ‘Manage Ignore List’ option– Skip - items will be skipped for now, but will return in following scans13

How To Respond Shred or Ignore emails with meetingpasswords, depending on whether you needthe other info in the email Shred emails with actual confidentialinformation Could not go through all findings in onesession Identity Finder allows you to save the resultsso you can go through them later.14

Example of “False Positive”:Conference Call Invitation15

Example of “False Positive”:Software Documentation16

Example of “False Positive”: BirthDates without Names17

Example of “False Positive”: Looks Likea Password but Isn’t18

Identity Finder Support For additional instructions on using IdentityFinder and other security best practices, visithttp://policy.security.harvard.edu/faq Contact HUIT Support Services, 617.495.7777,for any technical issues or questions.19

Using Identity Finder Open Identity Finder Start All Programs Identity Finder Identity Finder Create a password Protects sensitive information you may enter while searching (such as passwords for other computers) No way to recover or reset password later, so choose wisely Use secure method to note your password (such as "secure

Related Documents:

2. Run the Identity Finder program: Applications Identity Finder.app. 3. If this is the first time using Identity Finder, you will be asked to create a New Identity Finder Profile, and be prompted to enter and confirm a password. It is advised that you create a unique password solely for Identity Finder.

Running a Scan in Identity Finder Identify Finder is supported on both Windows PC and Mac. Windows PC 1. In the Windows search bar, type Identity Finder. 2. The Identity Finder App should appear. 3. Click the Identify Finder icon. Mac 1. Click the Application Folder. 2. Click the Identity Finder icon.

2. Run the Identity Finder program: Start Menu Programs Identity Finder Identity Finder. 3. If this is your first time using Identity Finder, you will be asked to create a New Identity Finder Profile, and be prompted to enter and confirm a password. It is advised that you create a unique password solely for Identity Finder. 4.

9. If you plan to use Identity Finder to store passwords for work files, store a written copy of the password in a locked location in your office and make your supervisor aware of the location for business continuity. 10. Click OK and then quit Identity Finder. 11. Launch Identity Finder again and you will be prompted for the PIF password. 12.

Secure Identity Finder Results File The secure Identity Finder results file is the preferred method for saving results and can be used to save the results for later review and remediation. This is the only results file that can be reopened in Identity Finder. To save the results in a password protected file, click Save from the File menu. Choose a

Secure Identity Finder Results File The secure Identity Finder results file is the preferred method for saving results and can be used to save the results for later review and remediation. This is the only results file that can be reopened in Identity Finder. To save the results in a password protected file, click Save from the File menu. Choose a

The deployment of Identity Finder consists of two parts . The first part, the Identity Finder service, allows LSITO to locate and generate comprehensive reports on the locations of confidential data (SSNs, Credit Card Numbers, etc.) on L&S-owned computers. The second part, the Identity Finder client, will allow

The American Osteopathic Board of Radiology will not require a written attestation as a requirement for examination or certification. No. 11 In the osteopathic profession, the American Osteopathic Board of Radiology reviews and approves the eligibility of candidates whose training has been reviewed and approved by the American Osteopathic College of Radiology (AOCR). In 1982, the AOCR training .