Skip to main content

Scan for Confidential Data: Windows

Identity Finder scans your computer for confidential data. 

This article applies to: Spirion (formerly Identity Finder)

Identity Finder is a tool to help you locate confidential data on your machine, but you'll need to work through the results before you can be sure your machine is in compliance with University policy and local practices.

General Process

  1. The copy of Identity Finder you install has been configured by Cornell to scan specific areas of your machine and to look for particular data types. Cornell classifies as confidential any of the following (when they appear in conjunction with an individual’s name or other identifier):
    • Social Security numbers
    • Credit card numbers
    • Driver’s license numbers
    • Bank account numbers
    • Protected health information, as defined by HIPAA (Data scanning tools cannot identify this type of data. You'll need to search for it separately.)
  2. Identity Finder produces a list of possible matches.
  3. Next check each match and decide how to handle it securely. For more information, see How to Handle Scan Results.

At a minimum, you should scan your entire computer and any attached drives. If you are searching removable drives, you'll need to do a second scan. See Scan for Confidential Data on External Drives: Windows. (Always check with your technical support provider to find out what local practices should be followed.)

Important! If you use Outlook Web Access (OWA) consistently to read email, you need to download your email to your computer before scanning. Identity Finder can't scan email stored on the OWA server. Configure Outlook or Thunderbird and download your email to scan your mail files.

Scan for Confidential Data

Warning: Departmental practice may differ from the procedures given here.

These are general instructions for running Identity Finder at Cornell. Some departments and units are delivering pre-configured copies of the software, and different groups will take different approaches to handling confidential data. This means that some of the procedures given here may not be relevant for you. Always follow local practices and guidelines when scanning and making decisions about data.

It is a good idea to back up your machine before scanning. If you shred data accidentally, you can recover it from the back up.

  1. Click Start, then Programs, then Identity Finder.  
    If this is the first time you've used Identity Finder, continue with Step 2. Otherwise, skip to step 3. 
    If your computer has multiple profiles, you must run Identity Finder with elevated (admin) privileges in order to scan all of the profiles. Right-click the Identity Finder and click Run as Administrator. Type the administrator password, and then click Continue.
  2. In the New Identity Finder Profile window, enter a password, confirm the password, and then click Next. In the Profile Password box, click OK.

    Note: Do not use your NetID password.
  3. If prompted, in the Identity Finder Profile Sign In window, enter your password, and then click Next.
  4. Click Main, and then click Start.

    By default, Identity Finder searches your whole computer (including locally-stored mail) for Social Security numbers, Credit Card numbers, Bank Account numbers, and Drivers License numbers.

    Identity Finder begins scanning. You'll see a Status window where you can track the scan progress.

  5. When the scan is complete, Identity Finder displays a list of files containing confidential data. To save the results file, click Save As.
    Note: You do not have to save your scan results.

  6. Choose a location to save the scan results, enter a name for the file, and click Save.

  7. Enter a password to use for the scan results file, confirm the password, and then click OK.
    Note: Do not use your Identity Finder profile password or your NetID password for the results file.

  8. Once your file is saved, if necessary, click Advanced.
  9. Review the list of files identified by the scan. You must look at each file and decide how to deal with it. Always follow local practices to determine the best way to handle files identified by the scan. For more information, see How to Handle Scan Results.
  10. When you have dealt with all the files in the list, quit Identity Finder.
Warning: Using Identity Finder to shred email will shred or corrupt your entire mailbox. If confidential data is identified in an email message, to permanently delete the mail message without damaging your mailbox, open your email application (Outlook, Thunderbird, or Eudora), delete the message, then empty the trash and compact your folders. If you are unsure of how to permanently delete select emails, contact your local technical support for guidelines on your specific email application.

Was this page helpful?

Your feedback helps improve the site.