Identity Finder FAQ


What is Identity Finder?

Identity Finder is a software suite that can help locate sensitive information such as credit card or social security numbers that is stored on computer hard drives or on networked storage.

Why do I need to use Identity Finder to scan my computer?

On March 1, 2010 Massachusetts regulations went into effect requiring that personal information in both electronic and physical form be protected. Personal information is defined as a person’s first and last name (or first initial and last name) in combination with one of the following: social security number, state ID number (drivers license number, for example) or a financial account number. Scanning computers locates this personal information and allows us to remove any that is not required.

Where do I get the Identity Finder software?

OIT will install the software for you remotely. Contact OIT at 617-636-0331 or via e-mail at OIT@tufts.edu.

How do I scan my computer?

For instructions on scanning your computer and managing the results of the scan, please visit the Guide to Running Identity Finder

Windows: https://wikis.uit.tufts.edu/confluence/display/OIT/IDF+End+User+Guide+for+Windows

Mac: https://wikis.uit.tufts.edu/confluence/display/OIT/IDF+End+User+Guide+for+Mac

Where is the program installed?

The program, which is named “Identity Finder” will be located under your Start Menu and the icon is a representation of a blue dog on a gray background.

Which items are included in the scan?

All information stored on your computer and your P: drive will be scanned, including but not limited to: documents, email, email attachments, spreadsheets, PDFs, and databases.

Will the scanning affect my computers performance?

The program has been tuned to only use a portion of the computer’s resources, but it will slow down your computer noticeably while the scan is running.

What information is the scan looking for specifically? 

Identity Finder is searching for the following information; Social Security Numbers, Credit Card Numbers, Banking Account Numbers, Driver’s License Numbers. These items in correlations with other personal information are protected by MA 201 CMR 17.

What about the privacy of the personal information stored on my computer?

The Responsible Use of Institutional Systems Policy states:

“Use of institutional systems is not ultimately private. While Tufts does not routinely monitor individual usage of resources, normal operation and maintenance of resources requires logging of activity, backup and caching of data, and other activities necessary to provide services and ensure adherence to laws and regulations.”

Who will have access to the scan results?

The results of the scan will appear within the Identity Finder program for you to act upon and logs of the data that was found and what actions were performed will be delivered to the Information Steward responsible for your area.

Is this information that is gathered by the scan stored somewhere?

The collected information, which includes the folder location, file name and last four digits of the number, will be stored on the Identity Finder Server.

Will OIT be able to access any sensitive information on my system?

No, OIT will only have access to the reports, which only include file location, filename, and the last four digits of any numbers located.

What do the results look like?

The information in the report will include the folder location, file name and the last four digits of the number that was located.

What do the results look like when the information is found in email or in an email attachment?

The results show the E-mail client name (i.e. Thunderbird or Outlook), the name of the folder, and the subject of the e-mail message, or the name of the attachment.

What will happen after the scan?

If sensitive data is located on your system, the Information Steward will work with you to determine whether this information is necessary for the performance of your job and should be retained and protected, or removed.

Can identity finder be used to remove unnecessary information and if so, How will that work?

Yes, Identity Finder will allow you to securely delete your data via the “shred” feature. The “shred” option will completely eliminate your data and make it unrecoverable, so this option must be used with caution. More information regarding the use of Identity Finder can be located in the Guide to Running Identity Finder:

Windows: https://wikis.uit.tufts.edu/confluence/display/OIT/IDF+End+User+Guide+for+Windows

Mac: https://wikis.uit.tufts.edu/confluence/display/OIT/IDF+End+User+Guide+for+Mac

I have information that I need to retain, can it be protected?

If there is data that you believe must be retained please contact your manager or your Information Steward to discuss how this information should be protected. For laptops, this will include encryption of the entire computer, which will be coordinated with your Information Steward.

Will this be happening once, more than once, or on a repeating basis?

After the initial scan is run the frequency of future scanning will be determined by the Information Stewards based on the findings of the first scans and the usage patterns of the system.

Who do I contact if I have problems or questions about the scanning?

Please contact your manager, Information Steward, or OIT if you have questions or concerns

Can I opt out of scanning?

If you would like to request to opt-out, please contact your manager, who will discuss any concerns with the Information Steward.

I have multiple computers, should I scan them all?

Any computers at risk to have sensitive information will be scanned. At the moment, Identity Finder is only licensed for Tufts owned computers.

Does it matter if I have a mac or pc?

No, Macs and PCs will be scanned via Identity Finder using the same method.

What about my computer at home, I often do work on the weekends/evenings.

Your home computers will not be scanned, but they are subject to the same data privacy laws and should not be used to store sensitive information.  If you have concerns that you may have sensitive information on your computer, please contact your Information steward.  UIT has licensed the Home version of IdentityFinder for all Tufts students, faculty, and staff. We encourage you to use the home version on your personal computer to help locate sensitive information so that it can be protected or removed (if no longer needed). You may obtain a copy of the Home version of IdentityFinder on the Guardit website at https://wikis.uit.tufts.edu/confluence/display/idfinder/Home+Edition .

What about smart phones, PDAs, NetBooks and other mobile devices?  Will we be scanning these?

Netbooks that use Windows as an operating system will be scanned, but Smartphones, and other mobile devices such as iPads cannot be scanned nor fully secured and should not be used to access or store sensitive information. If you believe that you do have sensitive information on a mobile device, please locate it and securely remove it. If you have questions, please contact OIT.

What if it won’t let me shred something?

Contact OIT for assistance in shredding files if you are unable to perform this action through Identity Finder.

What if it finds Personal Information (PI) in an e-mail message?

If Identity Finder locates Personal Information in an e-mail message, please do not act upon the message from within Identity Finder. A risk of mailbox corruption exists if you choose to “Recycle” or “Shred” the message from within the Identity Finder program. In order to delete these messages, please open up your mail client (Mozilla Thunderbird, Microsoft Outlook etc.), locate the message and delete it.  Please make sure to empty your trash folder or use the “compact folder” option to make sure the e-mail has been completely removed.

How should I scan a shared or previously-owned computer?

If you have a computer that is shared among several users, or was primarily used by someone else, it may have files on it to which your account doesn’t have access. Identity Finder scans use the access rights of your user account, so you may need to contact OIT in order to scan the entire computer.

, , , , ,

Comments are closed.