Identity Finder

From CVL Wiki

(Difference between revisions)
Jump to: navigation, search
Line 13: Line 13:
 
===Install and register your Identity Finder program with the ECE Console (Strongly Recommended)===
 
===Install and register your Identity Finder program with the ECE Console (Strongly Recommended)===
 
#Open a web page to https://identity.ece.vt.edu/Services
 
#Open a web page to https://identity.ece.vt.edu/Services
#Click the link for your version of Windows and save the file to your computer
+
#Click the link for your version of Windows and save the file to your computer (How to determine if you are x32 or x64)
 
#*See below if you are using a Macintosh
 
#*See below if you are using a Macintosh
 
#Open the containing folder and double click the '''ClientSettings.reg''' file
 
#Open the containing folder and double click the '''ClientSettings.reg''' file
 
#*'''Note''': Firefox appends a .txt to the file, you need to rename the file to remove the .txt
 
#*'''Note''': Firefox appends a .txt to the file, you need to rename the file to remove the .txt
 
#Accept the prompts to edit the registry
 
#Accept the prompts to edit the registry
#Install Identity Finder with the instructions from the [http://www.security.vt.edu/idf/index.html VT Identity Finder] page.
+
#Download Identity Finder from http://network.software.vt.edu
 +
#Install Identity Finder
 +
#*[http://www.security.vt.edu/idf/windows_install.html Windows Install Instructions]
 +
#*[http://www.security.vt.edu/idf/mac_install.html Macintosh Install Instructions]
 +
#Once Identity Finder is installed, you're done. You can scan the computer on your own, or let the ECE Console handle the scheduling.  
 +
 
 +
 
 
*'''Note''': If you have already installed Identity Finder and wish to register with the ECE Console, please follow Steps 1-4 above and then restart the Identity Finder Endpoint Service
 
*'''Note''': If you have already installed Identity Finder and wish to register with the ECE Console, please follow Steps 1-4 above and then restart the Identity Finder Endpoint Service
#Click Start, click Control Panel, double-click Administrative Tools, and then double-click Services.
+
**Click Start, click Control Panel, double-click Administrative Tools, and then double-click Services.
#In the Details Pane, scroll down to '''Identity Finder Endpoint Service''', right-click and select '''Start'''
+
**In the Details Pane, scroll down to '''Identity Finder Endpoint Service''', right-click and select '''Start'''
 +
 
  
 
===Installing and Registering Identity Finder for Macintosh===
 
===Installing and Registering Identity Finder for Macintosh===
 
Instructions forthcoming
 
Instructions forthcoming
 +
  
 
=Using TrueCrypt and VT eToken to encrypt your data=
 
=Using TrueCrypt and VT eToken to encrypt your data=
 
*'''Note''': This method uses a keyfile on your VT eToken instead of a normal password. This allows you to copy the keyfile to a remote secure location for backup and recovery.
 
*'''Note''': This method uses a keyfile on your VT eToken instead of a normal password. This allows you to copy the keyfile to a remote secure location for backup and recovery.
 +
 
----
 
----
 +
 
==Creating the TrueCrypt Volume and Keyfile==
 
==Creating the TrueCrypt Volume and Keyfile==
 
*Download and install [http://www.truecrypt.org/downloads TrueCrypt] and the [http://www.pki.vt.edu/pdc/ Virginia Tech eToken] software
 
*Download and install [http://www.truecrypt.org/downloads TrueCrypt] and the [http://www.pki.vt.edu/pdc/ Virginia Tech eToken] software
 
#Open TrueCrypt
 
#Open TrueCrypt
#Click on Settings menu-> '''Security Tokens...'''
+
#Click on '''Settings''' menu-> '''Security Tokens...'''
#In the dialog box for 'PKCS #11 Library Path', enter the following and click '''OK''':
+
#In the dialog box enter the following and click '''OK''':
 
#* '''Windows''': C:\Windows\system32\etpkcs11.dll
 
#* '''Windows''': C:\Windows\system32\etpkcs11.dll
 
#*'''OS X''': /usr/local/lib/libeTPkcs11.dylib
 
#*'''OS X''': /usr/local/lib/libeTPkcs11.dylib
#Click on Tools menu -> '''Keyfile Generator'''
+
#Click on '''Tools''' menu -> '''Keyfile Generator'''
 
#*'''Note''': Technically any file can be a [http://www.truecrypt.org/docs/?s=keyfiles keyfile], however we recommend creating a new one with the built-in tool
 
#*'''Note''': Technically any file can be a [http://www.truecrypt.org/docs/?s=keyfiles keyfile], however we recommend creating a new one with the built-in tool
#Follow the instructions at the top, then select '''Generate and Save Keyfile...''', and choose a nondescript filename.
+
#Follow the instructions at the top, then select '''Generate and Save Keyfile...''', and choose a easy-to-remember filename.
 
#Click '''OK''' to close the Keyfiles window
 
#Click '''OK''' to close the Keyfiles window
 
#Insert your VT eToken into a USB slot
 
#Insert your VT eToken into a USB slot
#Click on Tools menu -> '''Manage Security Token Keyfiles...''' and enter the eToken password
+
#Click on '''Tools''' menu -> '''Manage Security Token Keyfiles...''' and enter the eToken password
 
#*'''Note''':If you are not prompted for your eToken password, please make sure that you properly installed the [http://www.pki.vt.edu/pdc/matrix.html eToken software].
 
#*'''Note''':If you are not prompted for your eToken password, please make sure that you properly installed the [http://www.pki.vt.edu/pdc/matrix.html eToken software].
 
#Click on '''Import Keyfile to Token...'''
 
#Click on '''Import Keyfile to Token...'''
 
#Select the keyfile you created in step 8 and click '''Open'''
 
#Select the keyfile you created in step 8 and click '''Open'''
 
#Click '''OK''' twice to close out of the Security Token windows.  
 
#Click '''OK''' twice to close out of the Security Token windows.  
#Click on Settings menu -> '''Default Keyfiles...'''
+
#Click on '''Settings''' menu -> '''Default Keyfiles...'''
 
#Click on '''Add Token Files...'''
 
#Click on '''Add Token Files...'''
 
#Select your eToken name and click '''OK''' twice to close the windows.
 
#Select your eToken name and click '''OK''' twice to close the windows.
Line 70: Line 80:
 
#*Check "Force auto-dismount even if volume contains open files or directories" (default)
 
#*Check "Force auto-dismount even if volume contains open files or directories" (default)
 
#Click '''OK''' to close the preference window
 
#Click '''OK''' to close the preference window
 +
 
==Mounting your TrueCrypt Volume==
 
==Mounting your TrueCrypt Volume==
 
#Open TrueCrypt
 
#Open TrueCrypt

Revision as of 14:56, 22 July 2011

The Bradley Department of Computer and Electrical Engineering recommends using Identity Finder to find and remove any Personally Identifying Information on your computer(s). If you need to keep any such Personally Identifying Information, the data needs to be encrypted and stored according to the VT policies (see below). We recommend using TrueCrypt and the VT eToken to encrypt and store your documents.

For more information on the VT Policies for securely storing and using SSN, please see the following:

Contents

Installing Identity Finder

To install a stand-alone version of Identity Finder, please see the instructions at the VT Identity Finder page.

Install and register your Identity Finder program with the ECE Console (Strongly Recommended)

  1. Open a web page to https://identity.ece.vt.edu/Services
  2. Click the link for your version of Windows and save the file to your computer (How to determine if you are x32 or x64)
    • See below if you are using a Macintosh
  3. Open the containing folder and double click the ClientSettings.reg file
    • Note: Firefox appends a .txt to the file, you need to rename the file to remove the .txt
  4. Accept the prompts to edit the registry
  5. Download Identity Finder from http://network.software.vt.edu
  6. Install Identity Finder
  7. Once Identity Finder is installed, you're done. You can scan the computer on your own, or let the ECE Console handle the scheduling.


  • Note: If you have already installed Identity Finder and wish to register with the ECE Console, please follow Steps 1-4 above and then restart the Identity Finder Endpoint Service
    • Click Start, click Control Panel, double-click Administrative Tools, and then double-click Services.
    • In the Details Pane, scroll down to Identity Finder Endpoint Service, right-click and select Start


Installing and Registering Identity Finder for Macintosh

Instructions forthcoming


Using TrueCrypt and VT eToken to encrypt your data

  • Note: This method uses a keyfile on your VT eToken instead of a normal password. This allows you to copy the keyfile to a remote secure location for backup and recovery.

Creating the TrueCrypt Volume and Keyfile

  1. Open TrueCrypt
  2. Click on Settings menu-> Security Tokens...
  3. In the dialog box enter the following and click OK:
    • Windows: C:\Windows\system32\etpkcs11.dll
    • OS X: /usr/local/lib/libeTPkcs11.dylib
  4. Click on Tools menu -> Keyfile Generator
    • Note: Technically any file can be a keyfile, however we recommend creating a new one with the built-in tool
  5. Follow the instructions at the top, then select Generate and Save Keyfile..., and choose a easy-to-remember filename.
  6. Click OK to close the Keyfiles window
  7. Insert your VT eToken into a USB slot
  8. Click on Tools menu -> Manage Security Token Keyfiles... and enter the eToken password
    • Note:If you are not prompted for your eToken password, please make sure that you properly installed the eToken software.
  9. Click on Import Keyfile to Token...
  10. Select the keyfile you created in step 8 and click Open
  11. Click OK twice to close out of the Security Token windows.
  12. Click on Settings menu -> Default Keyfiles...
  13. Click on Add Token Files...
  14. Select your eToken name and click OK twice to close the windows.
  15. Read the prompt and click Yes
  16. Click on Create Volume to start the Volume Creation Wizard
  17. Select Create an encrypted file container and click Next
  18. Select Standard TrueCrypt volume and click Next
  19. Click Select File..., choose a filename and location for your TrueCrypt volume and click Next
    • Note: Don't forget where you saved this file, as you need to remember it to mount in the future.
  20. Select AES in the drop-down menu and click Next
  21. Choose a volume size appropriate for your files. This is a static volume size, you will need to make a new TrueCrypt volume if you run out of room for your files.
  22. Leave the password boxes clear, check Use keyfiles and click on Keyfiles...
  23. Select your eToken name and click OK,
  24. Click Next
  25. Enter your eToken password
  26. Keep the default Filesystem options (FAT, Default, uncheck Dynamic) and move your mouse as randomly as possible for a brief time before clicking Format
  27. Click OK, then Next, then Cancel to close the Volume Creation Wizard
  28. Click Settings menu -> Preferences
  29. Under the Auto-Dismount section:
    • Check "User logs off" (default)
    • Check "Screen saver is launched"
    • Check "Auto-dismount volume after no data has been read/written to it for _____ minutes" (Recommended 25 minutes)
    • Check "Force auto-dismount even if volume contains open files or directories" (default)
  30. Click OK to close the preference window

Mounting your TrueCrypt Volume

  1. Open TrueCrypt
  2. Insert your VT eToken into a USB slot
  3. Select a drive letter in the main window
  4. In the "Volume" section, click on Select File...'
  5. Select the TrueCrypt Volume file you created in the section above and click Open
  6. Click on Mount
  7. Enter your eToken password and click OK
  8. Your TrueCrypt Volume will open in a new Windows Explorer window, and you can move your files to the folder. The volume is mounted as an additional drive under Computer
    • Remember that your TrueCrypt Volume will dismount automatically if you do not use it for the ___ minutes set in the instructions above
  9. When you are finished working with your TrueCrypt volume, remember to Dismount!
Retrieved from "https://computing.ece.vt.edu/mediawiki/index.php?title=Identity_Finder&oldid=1321"
Views
Personal tools
Support