Identity Finder (recently renamed to Sensitive Data Manager) is commercial software used to search for personal information such as social security numbers, credit card numbers, bank accounts, etc. It can search in local and remote drives, emails, and synchronized storaged such as Berkeley's bConnected implementation of Box.
Identity Finder’s primary use is for devices that routinely handle data classified as Protection Level 2 (PL2) or higher, as specified in the Berkeley Data Classification Standard.
Licenses can only be made available for the purposes of users and departments with clear needs such as:
A department that routinely deals with PL2 or higher data, which would like to monitor and ensure such data is only found in expected, designated systems.
A department launching a project to verify particular kinds of non-public data is not found in the department.
An individual or department involved in incident response, in order to verify what types of data may be in scope for the incident.
There are two options for allocating licenses:
Single device licensing mode
- A single license to scan a single device
- Licenses may not be transferred between devices
- Licenses can be reclaimed on a yearly basis only (in July)
- The OCR module on the individual machine’s drives may be used
- File shares, databases, and web sites via the additional DB, and web module may not be used
- Additional modules may not be used
Departmental licensing mode
- Licensed for the number of full time FTE in the department
- Part-time students, contractors, etc. not counted for total
- All devices within the department can be scanned
- All modules can be used (file shares, OCR, databases, websites)
- Only the licensed department's data can be scanned, for instance only their group directory on a shared file server
- Department licenses can be reclaimed on a yearly basis (in July)
Campus-wide resources, such as CalShare or Research Hub, may not be scanned within the terms of the license.
To request Identity Finder licenses, email email@example.com. Include the type of licensing appropriate to your use case, and the number of licenses needed for single use or your departmental FTE count for departmental use. You can also email us with any questions regarding your needs.
Please see the following guide for step-by-step instructions on how to use Identity Finder:
- Using Identity Finder (PDF created by Information Security and Policy)
The University protects the privacy of Electronic Communication Records. Please make sure you have proper permissions to scan a system. If you have additional questions on whether it is acceptable to scan a particular system, contact IT Policy at firstname.lastname@example.org.
For policy guidance on scanning for social security numbers, please see: