Educause Security Discussion mailing list archives

Re: Identity Finder

From: Paul Lepkowski <peliso () RIT EDU>
Date: Fri, 18 Dec 2009 11:02:01 -0500

At RIT, we are deploying Identity Finder to a couple thousand of our systems
(clients and servers).  We are currently deploying on Windows first and then
MAC (hopefully) soon thereafter.  We are using a centralized model even
though we have 13 separate IT groups on campus.  This is due to our security
requirements for protection of the IDF console server.  We also don't want
13 IDF servers scattered around campus.  We have it searching Outlook and
PST files as well.  There is more PI in email that people realize.  Having a
periodic scheduled scan and a process for handling the reporting and
remediation is very important.  User training is vital.  Ben Woelk and some
of our student employees have developed an excellent website that includes a
training demo.  Please feel free to visit the sites:

- RIT InfoSec website:  http://security.rit.edu/pim.html
- IDF user training demo:
http://security.rit.edu/simulations/pim/idfdemo.html

No product is perfect.  Overall, the Identity Finder product is very good.
Technical support and the response time for any issues is excellent.

Our office has developed a very in-depth knowledge of the product over the
past several months.  I'd be happy to chat with anyone offline if you would
like more information.


Paul Lepkowski, CISSP, GIAC-GPEN
RIT Information Security Office
Information Security Lead Engineer to ITS
Staff Council Representative

Rochester Institute of Technology
Ross 10-A200
151 Lomb Memorial Drive
Rochester, NY 14623
(585) 475-6972
 <mailto:paul.lepkowski () rit edu> paul.lepkowski () rit edu

CONFIDENTIALITY NOTE: The information transmitted, including attachments, is
intended only for the person(s) or entity to which it is addressed and may
contain confidential and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon this
information by persons or entities other than the intended recipient is
prohibited. If you received this in error, please contact the sender and
destroy any copies of this information.

From: Ben Woelk
Sent: Thursday, December 17, 2009 4:32 PM
To: The EDUCAUSE Security Constituent Group Listserv
Cc: Paul Lepkowski
Subject: RE: [SECURITY] Identity Finder

We're doing an Enterprise rollout at RIT. Our security engineer (Paul
Lepkowski) should be able to answer any questions.

Ben Woelk '07
Information Security Communications and Training Specialist
Rochester Institute of Technology
Ross 10-A204
151 Lomb Memorial Drive
Rochester, New York 14623
585.475.4122
585.475.7920 fax
ben.woelk () rit edu
 <http://security.rit.edu/dsd.html> http://security.rit.edu/dsd.html

Become a fan of RIT Information Security at
<http://rit.facebook.com/profile.php?id=6017464645>
http://rit.facebook.com/profile.php?id=6017464645

Follow us on Twitter:  <http://twitter.com/RIT_InfoSec>
http://twitter.com/RIT_InfoSec

CONFIDENTIALITY NOTE:  The information transmitted, including attachments,
is intended only for the person(s) or entity to which it is addressed and
may contain confidential and/or privileged material.  Any review,
retransmission, dissemination or other use of, or taking of any action in
reliance upon this information by persons or entities other than the
intended recipient is prohibited.  If you received this in error, please
contact the sender and destroy any copies of this information.


  _____

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Richard A MacLaughlin
Sent: Thursday, December 17, 2009 4:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Identity Finder

I am looking into products (or free utilities) that can scan for SSNs,
credit card information, and anything else that would be considered
sensitive.  Currently, we use Cornell Spider, but I'm looking for something
more powerful and consistent.  It has been mentioned to me before to look
into Identity Finder as a  potential solution and it looks promising, but I
was wondering if any of you had any hands-on experience with Identity Finder
or if you could recommend a better or different product?

I've contacted their sales department to give me some more information about
specific questions I have, but I'll reiterate one question here in case any
of you have hands-on experience.  It seems like the product is primarily
geared toward Windows environments, so I'm wondering how successful (if at
all) it is at finding any true positives when scanning file extensions that
aren't native to Windows.  Of course, I'll reiterate that I'm definitely
open-minded to other solutions beside Identity Finder if there is something
better.

Thanks,

Richard A. MacLaughlin
Information Security
Valdosta State University
Phone:  (229) 333-5974

Attachment: smime.p7s
Description:

Current thread:

Re: Identity Finder, (continued)
- Re: Identity Finder Flynn, Gerald (Dec 18)
- Re: Identity Finder Flynn, Gerald (Dec 18)
- Re: Identity Finder randy marchany (Dec 18)
- Re: Identity Finder Chris Vakhordjian (Dec 18)
- Re: Identity Finder David Escalante (Dec 18)
- Re: Identity Finder Peterman, Martin (mdp4s) (Dec 18)
- Re: Identity Finder Gary Dobbins (Dec 18)
- Re: Identity Finder Brad Judy (Dec 18)
- Re: Identity Finder Peterman, Martin (mdp4s) (Dec 18)
- Re: Identity Finder Harold Winshel (Dec 18)
- Re: Identity Finder Paul Lepkowski (Dec 18)
- Re: Identity Finder Ben Woelk (Dec 18)
- Re: Identity Finder Felecia Vlahos (Dec 19)