Computer Security Training on Identity Finder
With computer hackers becoming more sophisticated by the minute, UNH IT has undertaken security training to help employees protect personal and financial information from being pirated.
According to Petr Brym, director of IT Security, a computer breach can cost up to $300 per breached record. Training sessions have been underway on Identify Finder, a software program that locates confidential and restricted information that, once found, can be permanently removed or secured. The training also includes general information security awareness and covers several other valuable resources that will help you protect information.
Identify Finder looks for numeric strings similar to social security numbers, credit cards and other indicators of protected information such as passwords that should not be stored on UNH computers.
Brym notes that cyber attack risks can be reduced but that people must be aware of what information they have where, and what threatens that information. Storing legally protected information on personal computers, in e-mails and in other prohibited locations is against university policy, represents a serious information security threat, and has legal implications if it is compromised or stolen.
Contact UNH IT Security by filling out the web form at itsupport.unh.edu/itsec to request a presentation and training on this program, or:
- Log into Blackboard at blackboard.unh.edu
- Go to the faculty and staff organization
- Read the Identity Finder instructions found under the IT security and policy link.
Below is a list of FAQ on using Identify Finder:
Can I use Identity Finder on a Windows machine?
Can I use Identity Finder on a Mac?
Can I use Identity Finder on a Linux machine?
No, but other tools are available.
My passwords for Internet sites show up in the results. Why?
To keep your passwords from logged-in sessions from showing up, clear your cache before you run Identity Finder.
Does Identity Finder report my information back to anyone other than me?
UNH IT will have a record of when you ran the scan and whether protected information was detected, but it will not receive details about the location of the information, nor will it receive the information itself.
How long does it take to install Identity Finder?
Installation is very quick; a few minutes at most.
How long does an Identity Finder scan take?
The length of the scan depends on the amount of information on your machine.
Do I have to register when I install the product?
You do not need to register at this time. UNH IT updates the installation location as needed, so you can update your program from the UNH installation point. UNH IT also tracks the use of your license centrally, as long as you use the UNH installation point rather than the Identity Finder website. If you install Identity Finder from the Identity Finder website, you will not be covered by the UNH license.
*Note: the UNH license expires in the spring of 2012. Install Identity Finder now, run your scans, clean up your computer, file shares, e-mail and removable media, and re-run your scans several times before the license expires.
Can I use my UNH license to scan my personally owned computer at home?
No, but the Identity Finder website has versions that you can use at home.
I want Identity Finder to always include my network drives in my scan. How can I change those settings?
- Go to ‘locations.’
- Click ‘custom folders’ drop down.
- Choose ‘enable custom folder search.’
- Click the ". . ." icon to the right of the folder box.
- Browse to your network drive and highlight the drive itself and click OK.
- Click ‘add’ button to the right, then OK at the bottom.
- Go back to the main menu and start your scan.
I heard that it is very important to scan my Exchange e-mail archives and public folders as well. How do I accomplish that?
- Go to ‘configuration.’
- Click ‘settings.’
- Choose ‘e-mails.’
- Choose “include remote mail folders”.
- Choose “include Exchange public folders”
- Click OK at the bottom.
- Run a new scan
Can I work on my machine while I run an Identity Finder scan?
Yes, this is possible and most employees find they can do so. However, if you are doing highly time sensitive or mission critical work, such as working on a PowerPoint for an important meeting that starts in a few minutes, we recommend delaying the scan until you finish the PowerPoint.
How long will it take me to go through the scan results?
The time to process your results depends on how many results you have and how much individual attention you give each result. You can select one, some, or all of the results and perform an action (such as shred) on them.
If I need to stop going through my results, will Identity Finder remember my results?
If you still have results on your screen when you quit the program, Identity Finder asks you if you want to save the results to open them later. You will be asked to type a password. Use a strong password. If you forget your password, IT can help you. You will just have to run a new scan.
What options do I have for handling search results?
Shred - Shred implements the U.S. Department of Defense deletion standard, which is known as DOD 5220.22-M, for deleting files. This is the recommended method for any protected information you find that you do not need and that puts you at risk. For example, SSNs, credit card numbers and passwords found on a personal computer must be shredded.
However, if you need those numbers and you do not have a copy of the information stored in a secure approved location, contact IT Security without delay to determine the correct next steps.
*Note: Shredded files are not recoverable. Use caution when shredding files. Use caution that you do not accidentally select this option without meaning to do so.
Secure – Secure is a temporary measure at best. It secures individual files with a password and encryption. If you forget the password, you will be locked out of the password and if an experienced hacker steals your computer, they will eventually guess that password.
Quarantine - Move the highlighted files to a quarantine location and permanently shred it from its original location. This is a better option than just dragging the file to a different location, because it destroys the original copy in the insecure location.
Ignore - Ignore either the currently highlighted item or its identity match so that Identity Finder does not find it again.
*Note: Identity Finder will never search an item on the ‘ignore’ list. To remove an item from the ‘ignore’ list, use the ‘manage ignore’ list option. Use this option carefully. Be sure the items you mark to ignore do not have protected info.
Recycle –(Windows only) delete the highlighted file by moving it to the recycle bin. UNH IT Security does not recommend that you use this option.
*Note: This does not actually delete your file and has a high probability of being recovered even after you empty the recycle bin. It is recommended you use the shred button instead.
Scrub – (Windows only) remove the highlighted information from the location while keeping all other data intact. This does not work for all file types.
I have sensitive data that I need to keep. What does UNH IT recommend I do with files containing Personally Identifiable Information (PII) that I need to keep safe?
Migrate the data to a centrally managed file server explicitly designed and approved for storage of such information. Contact email@example.com to discuss details.
How often should I run an Identity Finder scan?
Scan as frequently as possible. If you handle private data on a daily basis, scan at least weekly. If you occasionally or rarely handle data, run a scan at least monthly. The more scans you run, the safer your data will be. Remember that the UNH licenses expire in the spring of 2012. Run your scans now and several time until then.
Should I run Identity Finder on a networked drive that I share with my coworkers?
UNH currently does not have an Identity Finder License to scan an entire file server with full server administrative rights, however you can scan the file share (networked drives) that are available to you on the server when you log into your computer, using your individual server account.
Should I run Identity Finder on a computer that other people use? Should I use my own login or the administrator’s login? Does it matter?
Use your own personal login that provides you access to your files on that computer. Have the other employees run a scan using their login account.You should only use it on the computer that you use.
I forgot my password. What do I do?
Can the UNH IT Service Desk reset my Identity Finder password?
No, but the Service Desk can submit a trouble ticket to IT Security along with other Identity Finder questions you may have.
How do I skip a file? Identity Finder found a file that I edited to remove the sensitive data, but kept the file as a whole. I don't want to ignore it, but also don't want to remove or quarantine it. How can I do that?
Go through other files in the Wizard, but do not check the item you want to skip. The final screen of the Wizard gives you an option to skip the item when you finish with the wizard.