History and Background:
ITS has been given the task of finding a means to identify and remove all old SSN-based files that exist unsecured and found on desktops, laptops, and even handheld devices, where they are at risk for disclosure.
During the summer of 2009, the Information Security Office has been experimenting with a software utility which finds SSNs, credit card numbers (CCNs), and other data file types on Windows and Mac based personal computers. This project has now become a campus-wide initiative at the request of the University President and University Provost.
This project is a Top Priority of the ITS department, with the collaboration between the Project Management Office, Customer Services and Support, Server Engineering, Network Engineering and Information Security Group.
The Identity Finder application will meet some of the objectives for removing old SSN based data, and reducing our risk of data loss through theft, malware infections, and inadvertent online disclosure of sensitive (Restricted) data.
Identity Finder works like an anti-virus product. The client software installs locally, and communicates logs to a management reporting console operated by the Information Security Office. It scans local and external storage media (hard drives) for patterns that match SSNs, Credit Card Numbers, password files, and other potentially sensitive information that could lead to the risk of identity theft. The users will then be given the option of shredding (preferred) old SSN data, or moving the data to a secured file vault for later shredding. Of primary interest is the search for SSNs, with CCNs being of secondary interest. The goal of this unit testing, and your participation, is to exercise the implementation to identify how the system reports, and to identify any support issues that may arise before a phased deployment across campus occurs. Thanks in advance for your assistance!
Policy updates have been made and approved by the University. Please note the following: