...
1. Identify users with the highest number of reported sensitive data matches. There are often false positives in Identity Finder, so these matches may not always be accurate.
2. Review the file locations of search results for the top users you identified. Information Security recommends reviewing the top 5-10 users or reviewing all users with a certain number of matches or above. Use your judgement on whether these files contain University data or personal records. In either case, you should contact the user to inform them that they have this data; however, University data is of a higher priority from an institutional perspective. If you are sure that a file does not contain sensitive data, you can exclude it from the results or add it to the "Global Ignore List."
3. If any potential sensitive data still remains, contact the user or users' support provider to help them locate and evaluate the contents of the files. In the majority of cases, the information is not necessary for the user's job or business and they are eager to remove sensitive information. If they need the information or would like to retain it for personal reasons, they will inform you and you can put those individual results on the "Exclude" or "Global Ignore List."
By reviewing the top 5 to 10 highest users every quarter, you will quickly eliminate the majority of unnecessary sensitive data in your division. The highest user typically holds over 50% of the sensitive data, so by removing or white listing those files, you can reduce your risk by half almost immediately. The 10 top users should change each quarter as you work with the members of your division to remove sensitive data.
Navigate to the Identity Finder Console page at https://tftmvmidfind.tufts.ad.tufts.edu/Console/ and log in.
...