Scanning Earth Sciences computers for prohibited data starts January 28, 2013

Last revision January 25, 2013

Don't be the Stanford researcher or admin who generates this kind of bad publicity:
January 21 - Packard Hospital pediatric medical info stolen.
January 22 - Laptop containing 'limited' patient information stolen from Lucile Packard Children's Hospital.
January 23 - Stanford reports fourth HIPAA breach.

"Identity theft" is a growing criminal enterprise that gathers "personally identifiable information", such as Social Security numbers and credit card numbers, from stolen or hacked computers. Criminals then use this stolen information to impersonate an unsuspecting victim and fraudulently obtain money and goods.

The School of Earth Sciences will be participating in a project organized by the University's Information Security Office to proactively scan computers used for University business in order to locate Social Security numbers and credit card numbers that may be stored on those computers. The goal of this initiative is for Stanford to be first to find this risky data and to be sure it is properly protected against unintentional disclosure to hackers or thieves.

The University's senior management has become increasingly concerned about the need to maintain confidentiality of personally identifiable information stored on campus computing systems. University policy for many years has generally prohibited faculty and staff from storing such data on their own computer workstations, except that certain data may be stored locally if the computer disk is encrypted.

But recent incidents at Stanford and peer institutions have shown that such data is still occasionally stored in unencrypted form on local workstations which have been stolen or compromised by hackers. Such incidents are very costly to the University, both in direct costs to notify affected individuals and monitor for identity theft, and in indirect damage to the University's reputation. Often no one realized the personally identifiable information was actually being stored on the stolen or compromised computer!

Senior management has centrally funded this scanning project to check Stanford-owned computing systems during the current academic year. A licensed commercial program called Identity Finder will be used to search disk files for Social Security and credit card numbers on both Windows and Mac OS X workstations. The program automatically reports its results to the Information Security Office, which will then follow up with the department and computer user if there are any potential matches. The program will be deployed in Earth Sciences in several ways beginning on January 28, 2013:

  • The BigFix patch management agent that is installed on all Stanford-owned computers in Earth Sciences that are directly supported by CRC will be used to centrally install and run the Identity Finder program in the background. Deployment will be done in groups over a period of a few weeks, so you may not see this right away.

    Pilot deployments in ITS and here in the Earth Sciences Dean's Office show that this program takes very little in the way of system resources with no negative impact on the computer user. You may notice this program appearing on your computer; you can safely ignore it. At the end of the project, BigFix will automatically remove the program.

  • The ERE department faculty and staff generally store their documents on their own Windows file server rather than on local disk. The ERE system manager will run the Identity Finder program directly on the file server. He will then remotely install and run the program directly on selected faculty and staff computers that may have locally saved files.

  • Administrative shares on the School's file server will be checked by the system managers.

More information about this project may be found on the Information Security Office website.

