Software Tools to Find, Delete or Protect Data
One of the key messages of the WISP is "You can't lose what you don't have." But if you don't know you have it, you will also be unable to protect it. So the 3 main steps to information protection are: find it, minimize it, and secure it.
Find It: Knowing What Data You Have
In order to protect sensitive information, you first need to realize you have it. For electronic files on a desktop, laptop or other portable device, this is particularly important, since electronic data can be compromised in many different ways. We don't always know what files are contained on our devices. Over time, we might inherit files from other computers, causing us to collect more files than we may actually need for our business purposes.
While the 'find' options built into operating systems may uncover some files, they will likely not find all files containing sensitive information. For a more thorough inventory, consider using a data discovery tool. The most common is Identity Finder. Learn more about using Identity Finder at MIT.
Minimize It: Removing What You Don't Need
If you find a file you no longer need, make sure to securely delete it; do not just throw it into the trash/recycling bin. Files that are trashed or recycled are not actually permanently removed from a computer hard drive and can be recovered by forensics or savvy hackers. For your emails, be aware that simply deleting a message may not remove all traces of it.
Securely Deleting Files
The Department of Defense (DoD) file shredding standard is built into most secure deletion tools. Macintosh has Secure Empty Trash built into the operating system, which meets this standard. PCs do not have this option, but many tools exist, both free and for a reasonable price. Learn more about these tools and options. If you are using Identity Finder, you have the option to securely delete files using a built-in feature.
Secure It: Protecting Files You Do Need
One of the requirements listed in Massachusetts regulation 201 CMR 17.04 is encryption for any device that is portable and may contain sensitive data. Encryption is the transformation of data into a form in which meaning cannot be assigned without the use of a confidential process or key/password. It protects information in the event a computer is lost or stolen. For questions on the software listed below, contact the IS&T Help Desk.
PGP Desktop on a Windows PC
PGP Desktop has been tested in the MIT computing environment and is being offered to users in key, high-risk areas at MIT. Faculty, staff, researchers or graduate students who handle sensitive information at MIT can benefit from such robust protection. Learn more about using PGP Desktop at MIT.
FileVault on a Mac
FileVault is built into the OS X operating system. FileVault encrypts the files in your home folder; it does not encrypt the entire hard drive. The files are encrypted using a master password. Learn more about using FileVault at MIT.