Office Hours
     M-F 8am-Noon, 1pm-5pm
     Call and leave voice mail
     or email
    
ISO Main #'s
    Phone: 972-883-6810
    Fax: 972-883-6865
Physical Location
    Research and Operations
    Center (ROC)
    2.604
Mail Station: ROC43

Directions to UT Dallas

Forms
Forms
(You MUST be on a UT Dallas Network or using VPN)
Web + Email Security
Security Tips & Threats

Policies: Endpoint Encryption and Identity Finder Facts

  1. Per policy, laptops will indeed need to be encrypted in the event that the device is lost or stolen. The product chosen for Windows computers is McAfee Endpoint Encryption. This is in response to not only UT Dallas policy but UT System policy and State law.
    1. There is no reporting of any data back to a central repository.
    2. There is no secret back door to decrypt the data. To decrypt the hard drive, it requires the interaction of the tech and the user to make this happen.
    3. A code is escrowed and can be made available to either the CISO or the departmental tech to help the user recover the encryption keys if the user forgets their password.
    4. Special containers can be built to restrict users to specific groups of computers or to a single computer. This is meant to take into consideration the fact that there are areas where sensitive information is handled and that those areas will need special handling.
    5. Once the computer is encrypted and the password has been set initially there is no need for the computer to login to the network on any regular basis.
    6. Any mobile device containing sensitive data should be encrypted to prevent exposure in the event of loss or theft.
  2. Identity Finder is the program that we have chosen to scan Windows computers, servers and shared folders for confidential and sensitive information. The information could include SSNs, credit card numbers, bank accounts, birth dates, passwords, etc. Once the program is installed on your Windows computer, please schedule the program to run at least on a monthly basis.
    1. When the program runs the second scan, it reports to the Identity Finder console. It reports that the program ran, the date that it ran and that it found x instances of the types of confidential and sensitive information.
    2. If you find a lot of 'false positives', you can ignore them and move on or you can exclude them from future searches.
    3. Information that is confidential or sensitive should be shredded if it is not needed for your daily business and is not within the record retention policy time limits.
    4. No confidential or sensitive information is reported to the console.
    5. Information on using Identity Finder is available in regularly scheduled instructor-led classes or from documentation that is available on-line Click Here.
  3. Confidential or sensitive information that is identified by Identity Finder that is required by the user to perform duties on Windows systems can be encrypted with McAfee Content Encryption for Files and Folders. Information Security will work with each user to tailor this to meet the individual's needs.