Universities use tool to battle student ID theft

Data security crimes jumped by 47 percent from 2007 to 2008.
Data security crimes jumped by 47 percent from 2007 to 2008.

College students have to know which data are most vulnerable before they can protect their Social Security numbers, passwords, and online banking personal identification numbers. The creators of a new software program that fights identity theft say it can do just that—and some of the most respected universities are listening.

Identity Finder, a tool now marketed free of charge to college students, thoroughly scans a computer’s internet browser, files, eMail, attachments, and a range of other programs to find information that would prove most vulnerable to hackers.

The program isolates these bits of information and gives students options for how to secure each item: removing them piece by piece, scrubbing irrelevant data, or encrypting sensitive files for safe storage.

Cornell, Carnegie Mellon, Harvard, Indiana, and Notre Dame are among the universities that use Identity Finder’s Enterprise version to prevent—or least mitigate—hacker attacks that bring headaches for students and campus IT officials.

Tom Davis, chief security officer at Indiana, said the Identity Finder software “aligns nicely with [the university’s] overarching strategy for protecting sensitive personal and institutional information,” adding that the software has been a “nice complement” to campus officials’ efforts to make students more aware of online habits that expose their personal information to those scouring campus networks for passwords and PINs.

Identity Finder tracks down more than a dozen forms of personal identification such as credit and debit card numbers, personal addresses, passport information, driver’s license numbers, and patient health information. Users can schedule computer searches or search on demand, according to Identity Finder’s web site.

This week, Identity Finder announced that it would make the Home edition of its software available to college students free of charge—reportedly an $80 value.

Still, higher-education technology decision makers said many college students wouldn’t use a program designed to protect against identity theft, despite the prevalence of nightmarish privacy violation stories in media reports.

“Identity protection is something that is strangely foreign to many students today,” said Dennis Marquardt, education technology manager at Abilene Christian University. “Even with significant increases in identity theft, many college students fail to protect their identities and their privacy in the variety of social media and networking applications.”

The high-profile schools have signed on with Identity Finder after a tough summer for technologists in charge of their college’s IT security.

At least three universities—the University of Maine, Penn State University, and Florida International University—reported data breaches in June that compromised Social Security numbers, academic and financial records, and other information for about 40,000 students and faculty across the three institutions.

These universities and others that have scrambled to alert faculty and students of data crimes in recent years are not alone, according to research from the Identity Theft Resource Center, a San Diego-based nonprofit organization.

The number of reported data breaches in schools and colleges increased from 111 in 2007 to 131 in 2008, according to a 2009 report released by the center. Data security crimes jumped by 47 percent overall between 2007 and 2008, according to the research.

Students demonstrate their lack of ID security awareness, Marquardt said, when they don’t log off of password-sensitive accounts on public computers and share ID numbers with friends and family members.