Clean Scan Notice

Message Topic Search Topic Options Post Reply Create New Topic Printable Version Translate Topic

Hello All. 

When Identity Finder completes a scan and finds nothing, essential a clean
scan, it prompts the user for a New Scan, or to Exit, but there is no evidence
that a scan has run and that it was clean, (besides the logs, but I'll get to
that). We are using Identity Finder in Guest Mode only, so I don't know if that
behavior is different while using profiles. 

To give a little back story on this, we were using Cornell University's Spider
Scanner before we launched Identity Finder. After the "Spider Scan"
was complete, the user had a spreadsheet on their desktop called
SpiderResults.csv. Actually, once the scan started, the file was created and as
matches were found, they were added to the spreadsheet. The transition to
Identity Finder has been very smooth, and I only had this questions/issue come
up today. 

Our program is setup so we have Data Stewards in each of our departments and
they are responsible for getting their computers scanned and
reviewing/remediating the results. We have an issue in one department where
some of the users have not been willing to comply and scans have not been done.
So this request may sound like a policing effort, but after thinking about it,
I thought it may be beneficial. With Identity Finder, and the ability for the user
to scan and remediate their results, the Data Steward for this department has
raised concerns that, since there is no evidence of a scan, clean or not, a
user could say, "Yes, I've scanned, I found X, Y, Z, deleted them, and now
my computer is clean".  

Now, from the Console's perspective, yes, it would show how many, if any, scans
were done, and what was found. But our Data Stewards don't have access to the
console, and probably never will.  The endpoint logs, if enabled, would
have information about the scans, but asking the Data Stewards to dig through
log files isn't practical. So what I’m asking for is some type of notification,
whether it be a generated email, a small text file, or something else, that
marks an endpoint as scanned and clean, in the event of a clean scan. Whatever “it”
is, would then be the proof that the scans were done. 

I hope this is clear enough, but if you need more info, or
have any suggestions, please let me know. 

Thanks!

Reggie. 

Author	Message Topic Search Topic Options Post Reply Create New Topic Printable Version Translate Topic
rwarner1 Members Profile Send Private Message Find Members Posts Add to Buddy List Groupie Joined: 30 Nov 2010 Location: Chicago Status: Offline Points: 23	Post Options Post Reply Quote rwarner1 Report Post Thanks(0) Quote Reply Topic: Clean Scan Notice Posted: 04 Oct 2011 at 6:51pm
	Hello All. When Identity Finder completes a scan and finds nothing, essential a clean scan, it prompts the user for a New Scan, or to Exit, but there is no evidence that a scan has run and that it was clean, (besides the logs, but I'll get to that). We are using Identity Finder in Guest Mode only, so I don't know if that behavior is different while using profiles. To give a little back story on this, we were using Cornell University's Spider Scanner before we launched Identity Finder. After the "Spider Scan" was complete, the user had a spreadsheet on their desktop called SpiderResults.csv. Actually, once the scan started, the file was created and as matches were found, they were added to the spreadsheet. The transition to Identity Finder has been very smooth, and I only had this questions/issue come up today. Our program is setup so we have Data Stewards in each of our departments and they are responsible for getting their computers scanned and reviewing/remediating the results. We have an issue in one department where some of the users have not been willing to comply and scans have not been done. So this request may sound like a policing effort, but after thinking about it, I thought it may be beneficial. With Identity Finder, and the ability for the user to scan and remediate their results, the Data Steward for this department has raised concerns that, since there is no evidence of a scan, clean or not, a user could say, "Yes, I've scanned, I found X, Y, Z, deleted them, and now my computer is clean". Now, from the Console's perspective, yes, it would show how many, if any, scans were done, and what was found. But our Data Stewards don't have access to the console, and probably never will. The endpoint logs, if enabled, would have information about the scans, but asking the Data Stewards to dig through log files isn't practical. So what I’m asking for is some type of notification, whether it be a generated email, a small text file, or something else, that marks an endpoint as scanned and clean, in the event of a clean scan. Whatever “it” is, would then be the proof that the scans were done. I hope this is clear enough, but if you need more info, or have any suggestions, please let me know. Thanks! Reggie.
	"For the things we have to learn before we can do them, we learn by doing them." - Aristotle