Educause Security Discussion mailing list archives
Re: Identity Finder
From: randy marchany <marchany () VT EDU>
Date: Fri, 18 Dec 2009 09:37:24 -0500
We wrote one of the freeware tools (Find_SSN, Find_CCN) and use IdentityFinder as well. IdentityFinder has the ability to be run on remote machines and some of our dept admins like that feature. The other tools don't have that ability. IdentityFinder does NOT run on Unix systems and since most of our database servers run on Unix/linux system, IdentityFinder doesn't help us there. The Windows version is excellent but I'm disappointed in the Mac version. Someone else mentioned the Mac version is a work in progress and I would agree with that assessment. It's still a very good product. Our Find_SSN/CCN tool runs on all platforms (Mac, Windows, Linux/unix). As far as false positives go, our tool is the best at reducing the number of false positives. The biggest complaint you will get from your users is "do I have to look at ALL of those files to see if there's sensitive data?". The answer is a) yes b) move all of those files into a folder and encrypt it and look for it later. All of the tools including ours will generate false positives. The key is having a sensitive data policy or standard in place. This will help you with users who don't want to look through all of them. The other problem with these tools is that none of them play well with Outlook/exchange .pst files which is probably where most of the sensitive data would be found in email attachments. I believe IdentityFinder requires you to log into Exchange first and that's their hook into .pst type files. My info may be dated but I believe it's still correct. This is the biggest issue with upper mgt. I would suggest building a test folder with regular files, Microsoft office files (.xls, .doc, Project, Visio, etc.), PDF files, .pst files, binaries, small database table) and run all of the tools against that folder and see the results. The advantage of the commercial tools include the report format (auditors will like it) but the freeware tools will simply generate a list of hyperlinks that point to the files in question. Randy Marchany VA Tech IT Security Office
Current thread:
- Re: Identity Finder, (continued)
- Re: Identity Finder Conor McGrath (Dec 17)
- Re: Identity Finder Maria P. Binder (Dec 17)
- Re: Identity Finder Flynn, Gerald (Dec 17)
- Re: Identity Finder Gary Dobbins (Dec 17)
- Re: Identity Finder Willis Marti (Dec 17)
- Re: Identity Finder Peterman, Martin (mdp4s) (Dec 18)
- Re: Identity Finder Allison Dolan (Dec 18)
- Re: Identity Finder Richard Miller (Dec 18)
- Re: Identity Finder Flynn, Gerald (Dec 18)
- Re: Identity Finder Flynn, Gerald (Dec 18)
- Re: Identity Finder randy marchany (Dec 18)
- Re: Identity Finder Chris Vakhordjian (Dec 18)
- Re: Identity Finder David Escalante (Dec 18)
- Re: Identity Finder Peterman, Martin (mdp4s) (Dec 18)
- Re: Identity Finder Gary Dobbins (Dec 18)
- Re: Identity Finder Brad Judy (Dec 18)
- Re: Identity Finder Peterman, Martin (mdp4s) (Dec 18)
- Re: Identity Finder Harold Winshel (Dec 18)
- Re: Identity Finder Paul Lepkowski (Dec 18)
- Re: Identity Finder Ben Woelk (Dec 18)
- Re: Identity Finder Felecia Vlahos (Dec 19)