Data breaches are big news and can be very costly. At Stanford, most breaches of private information have been from computers where no one expected that data to be.
Identity Finder, commonly referred to as IDF, is a commercial product that scans laptops and desktops to locate sensitive data, such as Social Security numbers and credit card numbers. Identity Finder scans will be performed in accordance with University mandates.
Managed by BigFix, Identity Finder provides you or your IT support team with a report that allows you to delete personally identifiable information (PII) that is unneeded. In a broad deployment in 2013, 15 percent of scanned systems had more than 500 PII records, and an additional 15 percent had between 100 and 500 records. No action is required on your part to run the program, but you will be notified if PII is found on your system, and you will have the option of deleting unnecessary files.
To simplify scanning, Identity Finder can be centrally installed via BigFix. Alternatively, BigFix Console Operators or local IT support personnel are welcome to subscribe computers to Identity Finder themselves; ISO can provide information on how to do so.
Please contact the Identity Finder program team so we can begin to plan the scan of your area. If you have any questions, concerns, or advice regarding this initiative, please feel free to contact the program team at firstname.lastname@example.org or alternatively Stanford's Chief Information Security Officer, Michael Duff at email@example.com. We appreciate your help with this important initiative.
To scan your machine yourself with Identity Finder, choose the appropriate operating system below to get started.