Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

What is the resolution if the console reports findings?

Should Identity Finder report that there is sensitive information on end-users’ computers, the Information Steward or their delegate should contact the user who owns the machine or their Frontline Support Provider. Identity Finder will not record actual sensitive information. It will report the location and name of the file as well as what type of data it has found. For example, it will say it has found a social security number in the file “Tax Return 2011.pdf”. This allows Information Stewards or their delegates to report the files holding data without compromising the user’s privacy. The Information Stewards or their delegates must work with the individual end-users to clean up any files. A scan result does not mean the user violated policy or is in any “trouble.” This exercise is to reduce risk, not audit compliance, and anyone participating is to be commended.

Is the scan noticeable on the client’s computer?

The impact on end-users should be minimal and the collective scan should be less noticeable than the previous individualized version. The scans are only run monthly and may be run less frequently in the future. If the user is doing something which requires heavy utilization of their computer, the scan may be noticeable.

Will individual users have to execute scans?

No, the scan will be scheduled to run automatically in the background. The monthly scans will be executed through the centralized console by an Information Steward or their delegate. Users have the option of running a scan any time they want and viewing the results, which will also be automatically uploaded to the console server. If the user does not want results reported to the console server, they can still run the individual version of Identity Finder.

What responsibilities will Frontline Support Providers have for supporting Identity Finder?

Frontline Support Providers may be asked to install Identity Finder for users who do not have admin credentials and are not on LanDesk. They also may be contacted if a particular user has a large cache of data on their machine and needs help locating and verifying the information. Should Frontline Support Providers need support, they can contact Information Security for assistance with any of these activities.

What if a user has existing customized settings?

Should a user have existing customized settings, Information Security would like to talk to the users about their settings. They should not be overwritten by the centralized console. If they are beneficial or help to produce more useful or accurate findings, they could be implemented centrally for the benefit of entire departments.

How many users are Information Stewards or Frontline Support Providers going to contact each time results are reviewed?

We recommend that the Information Stewards use a ‘risk based’ approach and only contact a fixed number of people with the largest caches of sensitive information. For example, the list of findings could be sorted by UTLN and the Information Steward or their delegate could contact the top 10 end users. With repeated monthly or quarterly reviews, top users should cycle out of the list as they remove unnecessary information from their machines or it is noted that the sensitive information is important for their role or position.

What data does Identity Finder scan for?

Currently Identity Finder scans for social security, bank account, and credit card numbers. Personal configurations can be made to search for additional information, but these are not enabled by default.

How should we handle multiple accounts on one machine?

The central console will automatically scan the most frequent user's files. Old data is unlikely to be accessed but if you are worried about a former user, you can manually run as administrator on that computer. Old data is not the greatest threat and a current user is more likely to have sensitive data stored on a machine.

  • No labels