Educause Security Discussion mailing list archives

Re: Identity Finder

From: Ben Woelk <fbwis () RIT EDU>
Date: Fri, 18 Dec 2009 11:34:20 -0500

  _____

From: Paul Lepkowski
Sent: Friday, December 18, 2009 11:02 AM
To: Ben Woelk; The EDUCAUSE Security Constituent Group Listserv
Subject: RE: [SECURITY] Identity Finder

At RIT, we are deploying Identity Finder to a couple thousand of our systems (clients and servers).  We are currently 
deploying on Windows first and then MAC (hopefully) soon thereafter.  We are using a centralized model even though we 
have 13 separate IT groups on campus.  This is due to our security requirements for protection of the IDF console 
server.  We also don't want 13 IDF servers scattered around campus.  We have it searching Outlook and PST files as 
well.  There is more PI in email that people realize.  Having a periodic scheduled scan and a process for handling the 
reporting and remediation is very important.  User training is vital.  Ben Woelk and some of our student employees have 
developed an excellent website that includes a training demo.  Please feel free to visit the sites:

- RIT InfoSec website:  http://security.rit.edu/pim.html

- IDF user training demo:  http://security.rit.edu/simulations/pim/idfdemo.html

No product is perfect.  Overall, the Identity Finder product is very good.  Technical support and the response time for 
any issues is excellent.

Our office has developed a very in-depth knowledge of the product over the past several months.  I'd be happy to chat 
with anyone offline if you would like more information.

Paul Lepkowski, CISSP, GIAC-GPEN

RIT Information Security Office

Information Security Lead Engineer to ITS

Staff Council Representative

Rochester Institute of Technology

Ross 10-A200

151 Lomb Memorial Drive

Rochester, NY 14623

(585) 475-6972

paul.lepkowski () rit edu<mailto:paul.lepkowski () rit edu>

CONFIDENTIALITY NOTE: The information transmitted, including attachments, is intended only for the person(s) or entity 
to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, 
dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other 
than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any 
copies of this information.

From: Ben Woelk
Sent: Thursday, December 17, 2009 4:32 PM
To: The EDUCAUSE Security Constituent Group Listserv
Cc: Paul Lepkowski
Subject: RE: [SECURITY] Identity Finder

We're doing an Enterprise rollout at RIT. Our security engineer (Paul Lepkowski) should be able to answer any questions.

Ben Woelk '07

Information Security Communications and Training Specialist

Rochester Institute of Technology

Ross 10-A204

151 Lomb Memorial Drive

Rochester, New York 14623

585.475.4122

585.475.7920 fax

ben.woelk () rit edu<mailto:ben.woelk () rit edu>

http://security.rit.edu/dsd.html

Become a fan of RIT Information Security at http://rit.facebook.com/profile.php?id=6017464645

Follow us on Twitter: http://twitter.com/RIT_InfoSec

CONFIDENTIALITY NOTE:  The information transmitted, including attachments, is intended only for the person(s) or entity 
to which it is addressed and may contain confidential and/or privileged material.  Any review, retransmission, 
dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other 
than the intended recipient is prohibited.  If you received this in error, please contact the sender and destroy any 
copies of this information.

  _____

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Richard 
A MacLaughlin
Sent: Thursday, December 17, 2009 4:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Identity Finder

I am looking into products (or free utilities) that can scan for SSNs, credit card information, and anything else that 
would be considered sensitive.  Currently, we use Cornell Spider, but I'm looking for something more powerful and 
consistent.  It has been mentioned to me before to look into Identity Finder as a  potential solution and it looks 
promising, but I was wondering if any of you had any hands-on experience with Identity Finder or if you could recommend 
a better or different product?

I've contacted their sales department to give me some more information about specific questions I have, but I'll 
reiterate one question here in case any of you have hands-on experience.  It seems like the product is primarily geared 
toward Windows environments, so I'm wondering how successful (if at all) it is at finding any true positives when 
scanning file extensions that aren't native to Windows.  Of course, I'll reiterate that I'm definitely open-minded to 
other solutions beside Identity Finder if there is something better.

Thanks,

Richard A. MacLaughlin

Information Security

Valdosta State University

Phone:  (229) 333-5974

Current thread:

Re: Identity Finder, (continued)
- Re: Identity Finder Flynn, Gerald (Dec 18)
- Re: Identity Finder randy marchany (Dec 18)
- Re: Identity Finder Chris Vakhordjian (Dec 18)
- Re: Identity Finder David Escalante (Dec 18)
- Re: Identity Finder Peterman, Martin (mdp4s) (Dec 18)
- Re: Identity Finder Gary Dobbins (Dec 18)
- Re: Identity Finder Brad Judy (Dec 18)
- Re: Identity Finder Peterman, Martin (mdp4s) (Dec 18)
- Re: Identity Finder Harold Winshel (Dec 18)
- Re: Identity Finder Paul Lepkowski (Dec 18)
- Re: Identity Finder Ben Woelk (Dec 18)
- Re: Identity Finder Felecia Vlahos (Dec 19)