Before Starting Installations

• Make sure the NetBIOS/computer name matches the IP hostname, is the user’s PennName, or is something recognizable when it shows up in our Console.
• Do they have a “U” drive? This may be a good time to set one up.
• If users have privacy objections, they can opt for the ‘silent’ version. In the Console, it marks them as ‘scanned’ with no details. Please feel free to [point them to the Identity Finder End User FAQ. If they are still resistant, explain they are still responsible for their own compliance to the Social Security Number Policy.
• Don’t forget to scan any external backup media that may have copies of PII.
• Do not scan servers or server shared drives.
• Make sure to record each machine you scan in the Footprints Inventory (KB Article 25057).
• To Check your 'to do' list in Footprints: change the Project to SASC Inventory in the top right corner, then click on Reports, then Saved in the side menu. Under the shared reports pulldown, look for reports titled, "Idf-install-yourdept".

Notes on Installing Identity Finder

The current installers are in the distaff share under:
\projects\identityfinder\identityfinder mac\IDF_3.0.0_SAS_Console.dmg
and
\projects\identityfinder\identityfinder SASC 4.0.1.2

• After installing Identity Finder, check for new versions and AnyFind updates before running a scan. When the program opens go into the Advanced screen. The program should automatically detect and prompt you to install updates. You can also click on the Configuration tab at the top of the Advanced screen and click the Updates button. For Macs, Update is located in the Help menu.
• You may install the software on non-allocations machines as well. Please add the machines to the Inventory if they are not entered.
• If you have a version already installed on a client from your efforts last year and you want to scan them again, please uninstall and reinstall the new version. Some of the older versions don’t communicate with the Console.
• If you are scanning a Mac with another account other then the user's (i.e. LSPADMIN), you will need to change the default location to point to the user profile you want to scan. Click on the 'locations' button to scan the right user.
• Before scanning a Mac, you may want to temporarily turn off SEP AutoProtect, or it may try to scan archives as Idenity Finder accesses them.

Profile and Results passwords

Please set a good password on your Identity Finder profile and any results you save. Forgetting the password here simply means you will not be able to see previous results and will have to run another scan.

Dealing with Scan Results

False positives: Chose Ignore Location. Ignore should generally be used for false positives only. Report repetitive false positives to idf-help and they can be added into the Console rules.

Hits to Remediate. It’s best to use Identity Finder to address issues like moving and deleting files. Manually redacting and re-saving Word and Excel files is not recommended. Manual actions can still leave traces in slush space, which Identity Finder cannot scan.

Shred: Securely deletes the file. Make sure the user knows these files cannot be recovered when using this action.

Quarantine: If the file must be kept, move it to a secure location. If the U drive is mapped, it will move the file to the U: drive in the if_quarantine directory by default.

Secure: User can set a password on the file. THIS IS NOT RECOMMENDED UNLESS AS A LAST RESORT. Note there is no way to retrieve a forgotten password or gain access to the file without it. Use with extreme caution!

Client Problems and Crashes

We have a good relationship with Identity Finder and can send error reports to them. However, we need to gather specific information on the errors to submit them. Please use this form to help us collect vital information to make the software better.

For the Mac Client, if you notice that the scan hangs on application or system files, sometimes an effective work around is to only scan the directories or libraries that are likely to contain user data, emails and PII.