Re: IdentityFinder - Data Discovery Software

["Wilkins, Vern W" <vwilkins () INDIANA EDU>]

We've found Identity Finder to be a very difficult tool to use efficiently, in a large enterprise environment.  I'll 
keep my response short and just say that I would not consider this tool enterprise-ready.  It's typical of software 
that is designed with the assumption that it will be installed and run by a single user, on their own machine.  If a 
single user is going to use the tool, to scan data they are familiar with, and they have a lot of IT assistance, the 
tool works reasonably well.  I would expect that most IT professionals would rather use the tool in a way that is more 
centralized and IT-managed, which in my opinion is where the software falls short.

In our environment (an academic library), the number of false positives we are seeing is very high.  We have a 
tremendous number of documents containing numbers that have the same format as social security numbers and various 
credit card numbers.  It's very labor intensive, either on the part of IT staff, users, or both, depending on how you 
want to split the workload of installing and running the tool, dealing with results, and adjusting the configuration.  
Aggregating or separating results (depending on how you perform the scans and what is scanned) of a large number of 
scans is especially time intensive, as is managing exceptions.  Although not necessarily a weakness of the tool itself, 
managing scans for multi-user resources has also been somewhat labor intensive for us.  Examples include scanning 
workstations or departmental shares used by many people.

Because of the large number of difficulties we have encountered trying to have IT staff run and manage this centrally, 
we are now leaning more towards having users run the scans, and running our own scans from IT only as confirmation that 
the users are appropriately using the tool and taking action as needed.  Obviously this still requires a great deal of 
user education and training, and IT staff will still need to provide a lot of assistance.

The Penn State case study seemed to indicate that IT staff was going around and installing the software, and running 
the scans, which just seems to reinforce our experience that there's not a very efficient way to use this tool in a 
large, complex, environment.  I don't see any mention in the Penn State study of how results were handled, how 
exceptions were managed, etc.  I assume that this would all be done with the help of IT staff, at the time of the first 
scan, which would add tremendously to the time commitment.

Vern Wilkins
Manager Library Technologies Core Services
Indiana University Libraries
Bloomington, IN

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () listserv educause edu] On Behalf Of Carlos 
Lobato
Sent: Monday, August 19, 2013 3:47 PM
To: SECURITY () listserv educause edu
Subject: [SECURITY] IdentityFinder - Data Discovery Software


Hello All,



Here at New Mexico State University we are thinking in evaluating IdentityFinder, but we would like to hear from those 
of you who are using another similar tool.



If you are using a tool similar to IdentityFinder please let us know the name of the tool, how long you have had it and 
if you are satisfied.



Thanks in advance,


Carlos S. Lobato, CISA, CIA
IT Compliance Officer

New Mexico State University
Information and Communication Technologies
MSC 3AT PO Box 30001
Las Cruces, NM  88003-8001

Phone: 575-646-5902
Fax: 575-646-5278

Email: clobato () nmsu edu<mailto:clobato () nmsu edu>