Share

When Identity Finder Finds Identities!

Posted: September 4, 2013

“Shred it All” is a good motto for the Association of Sauerkraut Makers, but a poor choice for Identity Finder users. When is the right time to shred, and when is it better to ignore, and why should you care?

As we all know, Penn State requires computers be routinely scanned to identify and remove Personally Identifiable Information (PII). With the newest versions of Identity Finder (IDF), all computers in the College should be automatically scanning for PII every few weeks. After the scan, IDF presents to you a list – often a long list – of instances that the software has determined just might be sensitive data. Once this report is presented it becomes your duty to clear the screen…and it is very important to take care in the way that you react to the list.

Shredding everything is not a good plan, and neither is ignoring everything. A document that has been shredded by Identity Finder cannot be restored. Click through your results and identify those instances where true PII is found. Shred, Scrub or manually clean those specific documents. Perhaps you made a credit card purchase using your computer at work or a direct payment message arrived containing back account information. You and Penn State both want this information to be removed from your computer, and shredding, scrubbing or cleaning is the best option.

Identity Finder will also find instances where something could be PII, but when you look at the series of numbers and the context in which it is used, you are assured that it is not PII. This is the proper time to use the Ignore button. You can ignore just one instance of suspected PII from a file by using the Ignore Match option, or you can ignore the entire file (if multiple instances are identified in the same file) by selecting the Ignore Location option. In future scans, IDF will ignore this instance or file and move on to the other documents to be scanned, saving you the trouble of seeing this item again.

Wholesale, indiscriminate shredding can - and has - led to the loss of important system files and data files which results in frustration and down time. Wholesale, indiscriminate use of the ignore options can - and has - led to the compromise of people’s private information – your colleagues information or possibly even your own, leading to frustration, down time and perhaps University sanctions. Careful and appropriate use of both options can - and has - led to happy users, IT Staff and administrators.

More information on Identity Finder and remediation of results can be found on this web page: http://agsci.psu.edu/it/how-to/quick-reference-about-idf-remediation

As always, your Support and Consulting Teams are standing by to help you make the right call when you’re faced with results that have no clear meaning to you.