The most important part of running Identity Finder is determining the most effective and secure way of managing the results. This section is divided into four sub-steps, plus optional features. Be sure to carefully read and proceed through each of the first four sub-steps. Based on your work environment, you can determine if the optional features would be applicable to your computer.
- Step 3a – Determine the File's Origin
- Step 3b – Saving Your Search Results
- Step 3c – Acting on Your Search Results
- Step 3d – The Password Vault
- Step 3e – Optional Features
Important Notice: If you are under a litigation hold, contact the University Counsel (323-343-3054 or email@example.com) before making any changes.
For each file that contains "protected data," consider these points:
- Where did the file come from?
- Is it your personal work file?
- Is it a file from someone who previously used or owned the computer or electronic storage media?
- Do you have no idea where it originated.
- If the file was left from the previous computer owner or if you have no idea where it originated:
- If the computer or electronic storage media was provided to you by the University for business or academic operations, consult with your department chair or manager for advice on what to do with the file.
- If your department chair or manager does not believe the file was related to University business or academic operations AND you share your computer with co-workers or student assistants, consult the people you share your computer with to determine the file source and whether it needs to be retained.
- If you still do not know where the file originated after consulting with your department chair or manager AND the employees who share your computer, shred the file.
- Cal State L.A. Business or Academic Operations or Personal Data
- If you are unsure whether you need to retain a file containing protected data related to Cal State L.A. business or academic operations, consult with your department chair or manager.
- If the file does not need to be retained, shred the file.
- If the file does need to be retained, ask yourself if you need the sensitive personal information portions.
Securely Saving Your Results
If your list of protected data files is extensive, you can securely save your results and manage them at a later time. Follow these steps to save your search results:
- Click Save on the Quick Access toolbar. The Save As dialog box will appear. Browse to the location where you wish to save the Identity Finder (.idf) file.
- Enter a name for your file and click Save.
- Close the Identity Finder window.
Accessing Your Saved Information
- Launch Identity Finder. The Identity Finder Profile Sign-in window will appear.
- Enter your Identity Finder password. Click Next.
- The Identity Finder Search Wizard window will appear. Select Open Advanced Interface to open the Identity Finder window.
- Click Open on the Quick Access toolbar. The Open dialog box will appear.
- Browse to the location where you saved the file. Select the file. Click Open.
After reviewing your search results, you will need to select the best method to handle each identified file containing protected data. The following actions are available to yourecommended for use: secure (encrypt or scrub), shred, quarantine and ignore. The recycle action is available but it is not recommended.
Before taking any actions, you may want to open and review the file contents in its associated application. Selecting a file displays an unformatted version of the document in the Preview Pane on the right side of the Identity Finder window.
You can open a result in its associated Windows application is any of the following three ways:
- Double-click the result.
- Right-click the result and select Launch from the shortcut menu.
- Highlight the result by clicking with the mouse button or by using the arrow keys. Then press the Enter key on the keyboard.
Note for Macs: Selecting the name of the file will display a preview of the document, which can then be opened, if desired.
Secure (Encrypt) – Secures the highlighted item using the associated application's features.
Encrypt – Identity Finder for Windows uses application-specific encryption where available (e.g., Microsoft Office and Adobe PDF) to password protect the file. When no application-specific encryption is available, compressed file encryption is used. Depending upon the file type, you will be prompted differently for how to encrypt each file. Identity Finder for Macs does not offer application-specific encryption and will always use Identity Finder Vault file encryption.
Important notes on encryption:For Windows:
- If you forget the password, you will not be able to recover the document.
- When you encrypt a file, you should use the option to save the password for that file in yourPassword Vault.
- When encrypting Adobe PDF files, be sure to choose RC4 128-bit encryption.
- When using compressed file encryption, be sure to choose AES 256-bit encryption.
- When AES 256-bit encryption is used, you will NOT be able to open the file by double-clicking it. You must use Identity Finder's Open Secure Zip File feature.
- If you forget the password, you will not be able to recover the document.
- Identity Finder for Mac does not offer a Password Vault. Consider recording the password on paper and storing it in a physically secure, locked location. If you are encrypting University business or academic files, be sure to inform your department chair or manager of the secure password location to ensure business continuity.
- Identity Finder Vault encrypted files will prompt you for the password when you double-click them.
Scrub (Office 2007 or later only) – When a text file contains protected data and you wish to keep the file on your computer, but do not need the personal information, you should use the Scrub feature to automatically secure this file by removing the personal information and leaving all other content in place. You can choose to replace the protected data with numbers or an "X".
There are two ways to secure a single text-based file with redact:
- Click the result to highlight it and click the Scrub button on the Main tab of the Ribbon.
Right-click the result to highlight it and bring up a context menu. Select Scrub from the shortcut menu.
Note: To scrub multiple text files at one time, select the check box of each file and then choose one of the two methods described above to begin securing the files. You can choose to scrub the protected data and replace it with your default choice from your Identity Finder Settings Scrub From Text Files Option, or you can select any digit from 0 to 9 or an X. Once you click OK, the protected data will be permanently removed.
Shred – The Shred button is enabled for all types of file results but depending on the location of the result, Shred behaves differently. For files, Shred utilizes a secure United States Department of Defense wiping standard known as DOD 5220.22-M. For other locations, Shred removes the information from your computer using other appropriate methods.
There are three ways to Shred a location:
- Click the result to highlight it and click the Shred button on the Main tab of the Ribbon.
- Right-click the result to highlight it and bring up a context menu. Select Shred from the shortcut menu.
- Highlight the result by clicking with the mouse button or by using the arrow keys. Then press the Delete key on your keyboard.
Important note on shredding: It is impossible to "undo" a Shred. Shredded results cannot be recovered. Once a file is shredded, it is permanently gone.
There are two ways to quarantine a file:
- Click the result to highlight it and click the Quarantine button on the Main tab of the Ribbon.
- Right-click the result to highlight it and select Quarantine from the shortcut menu.
To quarantine multiple files at one time, select the check box of each file and then choose one of the methods described above to begin quarantining the files. After clicking Quarantine, a dialog box will open with your available options.
Important note on Quarantine: You can specify a default Quarantine location in Settings. You may also choose to leave behind a warning text document in place of the file.
Ignore – This feature allows you to designate certain items to be ignored by Identity Finder.
Click the result to highlight it and then click the Ignore button on the Main tab of the Ribbon. Select one of the following options:
- This Item Location: To ignore this location in future searches.
- This Identity Match: To ignore this identity match in ALL locations in which it appears.
- Manage 'Ignore List': To specify identities and locations to ignore when searching:
- To add a file location to Ignore, click the Browse (...) button. The Open dialog box will appear.
- Navigate to the desired location, select the file to ignore and click the Open button. The full path to the selected file will be displayed.
- Click the Add button. The path will appear in the Ignore List. Locations that you add to the Ignore List during a search will be ignored for the remainder of the current search.
- To remove a location or multiple locations from the Ignore List, select them and click the Remove button. The Remove All button clears the entire list.
- Click OK.
The Password Vault tool allows you to securely store and manage user names and passwords for Web sites, encrypted files and other locations inside of Identity Finder and protect them with a single Password Vault password. In other words, the Password Vault password is a single master password that allows you to gain access to the Password Vault. Once you have gained access, the Password Vault houses your list of files and their respective passwords.
Note: The Password Vault tool is not available for Mac operating systems.
Important Information for Using the Password Vault
- There is NO WAY to recover a forgotten Password Vault password. Once you have created this password, write it down and lock it in a secure location. Be sure to inform your department chair or manager of the secure location of the Password Vault passwords for all encrypted University business and academic files to ensure business continuity.
- Do NOT use your network, e-mail or administrative account password as your Password Vault password.
Accessing the Password Vault Tool
To access the Password Vault tool:
Click on the Password Vault button on the Tools tab of the Ribbon. The Identity Finder Security Tools dialog box will open. To add an item and its corresponding password to your vault, enter the Username, Password, Location and Comment, then click Add. Click Close to exit the vault.
Note: Identity Finder will not attempt to validate whether the usernames or passwords that you place in the Password Vault are correct. Therefore, it is necessary that you type them correctly.
Identity Finder may not recognize some custom file formats but Identity Finder clean-up features can still be used to handle these files.
Use the following Identity Finder Security Tools to handle files NOT listed in the Identity Finder search results:
Secure Files – The Secure Files tool allows you to secure any file on your computer even if no Identity Match is found on that file.
To secure a file:
- Click the Other Tools button on the Tools tab of the Ribbon. The Identity Finder Security Tools dialog box will open, displaying the Other Tools tab.
- Click the Browse (...) button in the Secure files using application encryption section to open the Open dialog box, select a file on your computer and then click the Open button.
- The full path to the selected file will be displayed. Click the Add button.
- Click the Secure button. A dialog box will open asking you to confirm.
- Click the Yes button to secure the file.
- Click the Close button to close the dialog box.
Open Secure Zip File – The Open Secure Zip File tool allows you to open and extract (unzip) the contents of any secure zip file on your computer. This is a very useful feature if you used Secured a Compressed File or Secured a Text Based or Other File in conjunction with the Strong or Stronger encryption setting.
To open a secure zip file:
- Click the Other Tools button on the Tools tab of the Ribbon. The Identity Finder Security Tools dialog box will open displaying the Other Tools tab.
- In the Open Secure Zip Files section, click the Browse (...) button below Step 1 to open the Open dialog box, select a secure zip file on your computer and then click the Open button. The full path to the selected file will be displayed.
- Click the Browse (...) button below Step 2 to open the Browse for Folder dialog box, select a folder on your computer where you want to extract the files and then click the OK button. The full path to the selected folder will be displayed.
- Type your password in the Password field and click the Extract button. Your files will be extracted to the specified location and an Explorer window will open to display the extracted files.
Shred Files or Folders – This tool allows you to shred any file or folder (and all sub-folders and files) on your computer, even if no Identity Match is found.
To shred any file or folder:
- Click the File Shredder button on the Tools tab of the Ribbon. The Identity Finder Security Tools dialog box will open displaying the File Shredder tab.
- Click the Browse ( ) button to open the Browse For Folder dialog box, select a file or folder on your computer and then click the OK button.
- The full path to the selected file or folder will be displayed. Click the Add button.
- Click the Shred button. A dialog box will open asking you to confirm.
- Click the Yes button. A dialog box will open confirming that the selected file or folder was shredded.
- Click the OK button.
- Click the Close button to close the dialog box.
Important note on shredding: This action CANNOT be undone. Once files are shredded, they are permanently destroyed and cannot be recovered.
Note for Mac users: Identity Finder for Mac does not offer the Shred File tool for shredding files that are not found in search results, although it does offer file encryption/decryption. By clicking the Vault icon on the tool bar, you can encrypt and decrypt any file using the Identity Finder Vault format. The Identity Finder Vault file type is automatically associated with Identity Finder, so double clicking an Identity Finder Vault file will open it in Identity Finder and prompt you for the password.