Versions Compared

Version Old Version 20 New Version 21
Changes made by

Rebecca.Dewey

Rebecca.Dewey

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The centralized console will not be able to view, edit, or delete sensitive data. Instead, the console will only show the location of the sensitive file on the end user's machine. The Information Stewards or their delegates must work with the individual end-users to clean up any files.

Using the Console

The following is a guide to using the Identity Finder Console as well as an example workflow for identifying potential sensitive information and working with users to remove it. If you are an Information Steward and your department would like to opt in to using the system, contact Information Security for more information and log-in credentials.

...

Overview

1. Identify users with the highest number of reported sensitive data matches. There are often false positives in Identity Finder, so these matches may not always be accurate. 

...

By reviewing the top 5 to 10 highest users every quarter, you will quickly eliminate the majority of unnecessary sensitive data in your division. The highest user typically holds over 50% of the sensitive data, so by removing or white listing those files, you can reduce your risk by half almost immediately. The 10 top users should change each quarter as you work with the members of your division to remove sensitive data. 

Using the Console

The following is a guide to using the Identity Finder Console as well as an example workflow for identifying potential sensitive information and working with users to remove it. If you are an Information Steward and your department would like to opt in to using the system, contact Information Security for more information and log-in credentials.

Information Security recommends the following workflow to address users with the largest caches of sensitive information first. Detailed instructions on using the console follow but at a high level:

To begin, navigate to the Identity Finder Console page at https://tftmvmidfind.tufts.ad.tufts.edu/Console/ and log in.

...

Once you have filtered the results to include only those which you believe contain sensitive data, call the end-user or users to notify them. You can give them the file locations so that they can view the files and choose to keep or delete them. Users are not required to remove the information from their computers.

Exporting Results and Scheduling Routine Scans

Remembering to run scans every month or quarter might be difficult. There is an option in Identity Finder to export results to a CSV file on a regular schedule. Though this will not give you access to the full functionality of the console, it is a convenient option. Receiving the export could also serve as a reminder to log into the console to review the results. To export a scan, first go to the Results tab and click Export.

...