Identity Finder - FAQ

Last Updated: 07/17/2013

General FAQ

What is Identity Finder, how does it work, and what items are scanned?

Identity Finder is software that helps prevent identity theft by discovering Personally Identifiable Information (PII) and sensitive data on computers, such as credit card or social security numbers, enabling users to take action to properly protect the information.

For more detail on how it works and what is scanned please visit this helpful information provided by Identity Finder.

Who can download and use the Identity Finder client?

At this time, the service is for CU-Boulder campus faculty (including teaching assistants and Emeritus faculty) and staff (including student employees).

Does Identity Finder replace Spider and SENF?

Yes. Identity Finder replaces both spider and SENF for Windows and Mac based PC's, in most cases. There is no Identity Finder client for Linux. The IT Security Office recommends and supports the SENF tool for Linux based systems.

How do I install Identity finder?
Do I install the free version located on the identity finder site?

No. You should go to the CU Services webpage, which provides customized enterprise installers for both Windows and Mac:

Am I responsible for the private/personal information stored on my computer?

Yes. There is a systemwide policy regarding security of private data. Please review IT Security in University Operations, Continuity, and Contracting.

Additional guidelines are available at:

Who does Identity Finder report to about unsecured data that it finds?

Identity Finder reports its findings to the computer user for awareness and quick remediation. Identity Finder also reports the networking address and whether or not unsecured data was found to a server maintained by the IT Security Office. Identity Finder does not report any private data. View sample report below.

Visual related to sample report

Why does Identity Finder report to the IT Security Office?

The IT Security Office works with you to protect private information and to investigate potential breaches in the event that your computer is compromised or stolen. For instance, if your laptop is stolen along with your proof (the Identity Finder reports) ensuring all private data is secure, the IT Security Office would be able to look at the log file and attest that no private information was compromised.

The IT Security Office aggregates Identity Finder logs to help campus and departmental leadership understand how many systems maintain private data within their area. The IT Security Office will also use Identity Finder logs when working with departments to ensure that web Internet-accessible servers do not store private information.

Do I have to allow Identity Finder to report to the IT Security Office?

No. You have the option to disable the report; instructions for disablign the report are available for both Mac and Windows. The IT Security Office encourages that you do not disable these reports and participate in a larger effort to mitigate potential gaps in data security on campus.

Will the IT Security Office be able to access any sensitive information on my system?

No, The IT Security Office will only have access to the reports stating what type of private data was discovered and how many instances.

What should I do if Identity Finder locates private data on my computer?

See the Private data quick reference table.

  1. Remove the entire document using the Shred feature.
  2. If you need the document/database, etc., that contains Personally Identifiable Information (PII), you can redact the PII using the Scrub feature in Identity Finder.
  3. If you have a valid business need for the PII, you must contact the security office to coordinate the best approach to securing your PII.

When in doubt about what to do contact the IT Security Office (ITSO) at security@colorado.edu. The general rule is if you don’t need it Shred IT!

Will my computer’s performance be affected?

When the software is performing a scan of the system, it is likely that your computer will perform slower, depending on the machine and amount of data to be scanned. The setting for how much of an impact a scan is on performance can be adjusted; however, the scan will take longer to complete. You can still work on your computer during a scan.

How often should I perform a search with Identity finder?

The default is set to, and it is suggested that scans should occur monthly. For reporting the IT Security Office scans will be required at least quarterly.