MANAGING PII WITH IDENTITY FINDER Paul Hanson IET-Data Center and Client Services University of California, Davis.



Agenda
- What is PII and where’s the value?
- What is Identity Finder?
- Alternative Solutions
- What can Identity Finder Scan?
- How does Identity Finder handle the results?
- Identity Finder Architecture
- Architecture Overview
- Client UI
- INI Files
- Custom MSI
- Architecture Overview
- Management Console
- IET DCCS Implementation
- IET DCCS Architecture
- Lessons Learned
- Breaking News
- Questions

What is PII and where’s the value?
- Cybersecurity (UC Davis)
- Massachusetts 201 CMR
- Protected Health Information (PHI)
- Health Insurance Portability and Accountability Act (HIPAA)
- FACT Red Flag Rules
- Incident Response
- Sysadmins may not know the data is there.

What is Identity Finder
- Identity Finder searches the deepest recesses of a computer to locate and secure data that is vulnerable to identity theft - even when you don’t know it exists. The information is then presented to you to permanently shred, quarantine to a secure location, or encrypt with a password. Source:
- Primarily Supports Windows & Mac
- Feature rich
- Continuously improving

Alternative Solutions

                          Windows  Mac  Linux/Unix
Virginia Tech Find_SSNs   X        X    X
Cornell Spider            X        X    X
PowerGREP                 ?        ?    ?

Identity Finder Architecture
- Enterprise Client
  - Installed on the workstation/server & does the heavy lifting
- Management Console (Really just a reporting server)
  - Dedicated system running IIS w/MSSQL
- OS Compatibility
  - Clients for Windows and Mac
  - Linux/Unix systems are scanned remotely

What can Identity Finder Scan?
- Microsoft Office (Excel, PowerPoint, Word, and OneNote including 2007)
- Adobe Acrobat PDF (including 9.x)
- Cookies and instant messenger logs
- HTML files (htm, asp, js, etc.)
- Text files (ANSI, Unicode, Batch, Source code)
- Rich text files (rtf format)
- Files within the My Documents folder of your personal computer
- Files anywhere on your personal computer
- Removable hard drives connected to your PC
- Create custom folder lists for searching (ability to include and exclude subfolders)
- Compressed files (zip, gzip, bzip, tar, rar, and z)
- Microsoft Access database files (including 2007)
- Any other known or unknown file type
Source:

What else does Identity Finder scan?
- Database connector
  - OLEDB (i.e., SQL, Oracle, Sybase, DB2, etc.)
- Website crawler
  - HTTP or HTTPS
- Remote file shares (SMB, NFS, Samba)
- Mailboxes, PST’s, MBOX, Tbird
- IE & Firefox Cache
- AnyFind vs. Specific Values (e-discovery requests)

What does Identity Finder do with the results?
- Save as secured Identity Finder file (*.idf) using FIPS validated 256 bit AES
- Save as HTML Summary Report
- Choose specific information for custom reports to be saved
- Save as Full Export into Comma Separated Value format
- Save as Executive Summary Report
- Upload to Management Console
- What about the hits?
  - Secure – encrypts the file using FIPS validated 256 bit AES
  - Shred – based on DOD M standard
  - Ignore
  - Quarantine – Secures a copy of the file and shreds the original
  - Recycle – same as the Windows recycle bin. Not a secure method.
- Will clean web browser cache & registry

Architecture Overview
- Client
  - Configuration
    - User Interface
    - INI Files
    - MSI Customization
    - Boot from CD
- Management Console
  - IIS & SQL

Architecture – Client UI
- Main
- What to Search for
- Where to Search
- Tools and Options
- Settings
- Scheduling

Architecture – INI Files
- Creating an INI File
  - Created in UI
  - Copied over
- Run on demand or scheduled task
  - /jobmode /inifile=“.ini”

Architecture – Custom MSI
- Creating the environment
  - Download Windows SDK (~1.1GB for Vista)
  - Install Orca.msi
  - Add system variables
- Extract MSI
- Run lictomsi.cmd
- Import Tables
- Schtasks for all systems
- Include Management Console phone home
- No x64 bit support…. Yet.

Identity Finder Client Lab

Architecture – Management Console
- Single server, dual purpose
- WS2003/2008 (x86 or x64)
- IIS6 or IIS7 w/Metabase compatibility
  - .Net Framework 3.5 SP1
- Microsoft Report Viewer Redistributable 2008
- Creates Client Registry Settings (x86 & x64)
- SQL 2005/2008 (Express, Std, Ent)
- Certificates & Encryption

IET DCCS Implementation
- PowerShell installation script
- Started with custom MSI
  - x86 was fairly smooth
    - Users couldn’t modify settings to rescan
  - x64 required some extra work
    - No support for x64 so had to use INI files anyway
- Moved to INI files
  - No reason to support two methods
  - Users can tweak settings and rescan systems
  - Scans launched using the system account

IET DCCS Architecture
- Management Console
  - Separate virtual systems for IIS & SQL
  - Certificates
- Clients
  - Leveraged PowerShell to script installation
    - Verify connectivity to MC
    - Check system type
    - Include password check
    - Check for and uninstall previous versions
    - Import registry key for MC
    - Create INI
    - Delete old scheduled task
    - Schedule new scan

Lessons Learned
- MC is a resource hog.
- Nuances with schtasks.
- Clients were configured to search for SSN & CC but also pulled up Bank Account information.
- Be prepared for False-Positives.
- Password check really slows down the scan.
- When configured as background service, it will allocate the remaining resources.
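
The false-positive lesson above, as an added example (not Identity Finder's code or its detection logic): a small pattern scanner for SSN and credit card candidates that marks each hit as validated or not, using SSN structural rules and the Luhn checksum. The regexes, function names and sample text are constructed for illustration.

```python
import re

# Loose first-pass patterns, the kind that also catch part and account numbers.
SSN_RE = re.compile(r"(?<!\d)(\d{3})-(\d{2})-(\d{4})(?!\d)")
CC_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")  # 13 to 19 digits


def ssn_plausible(area: str, group: str, serial: str) -> bool:
    """Structural SSN rules: no 000/666/9xx area, no 00 group, no 0000 serial."""
    return (area not in ("000", "666") and area[0] != "9"
            and group != "00" and serial != "0000")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum carried by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan(text: str):
    """Return (kind, matched_text, validated) for every candidate in text."""
    hits = []
    for m in SSN_RE.finditer(text):
        hits.append(("SSN", m.group(0), ssn_plausible(*m.groups())))
    for m in CC_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        hits.append(("CC", m.group(0), luhn_ok(digits)))
    return hits


# Constructed sample input, not real data.
SAMPLE = """\
employee ssn: 123-45-6789
part number: 000-12-3456
card on file: 4111 1111 1111 1111
bank account: 1234567890123456
"""

if __name__ == "__main__":
    for kind, value, ok in scan(SAMPLE):
        verdict = "likely" if ok else "probable false positive"
        print(f"{kind:3} {value!r:24} {verdict}")
```

Validation lowers the noise but does not remove it: roughly one in ten arbitrary digit strings passes Luhn, so bank account numbers will still surface as credit card hits from time to time.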

Breaking News
- Features in the next version of Identity Finder.

Questions?

Identity Finder Management Console Lab