Universities use tool to battle student ID theft


Data security crimes jumped by 47 percent from 2007 to 2008.
Data security crimes jumped by 47 percent from 2007 to 2008.

College students have to know which data are most vulnerable before they can protect their Social Security numbers, passwords, and online banking personal identification numbers. The creators of a new software program that fights identity theft say it can do just that—and some of the most respected universities are listening.

Identity Finder, a tool now marketed free of charge to college students, thoroughly scans a computer’s internet browser, files, eMail, attachments, and a range of other programs to find information that would prove most vulnerable to hackers.

The program isolates these bits of information and gives students options for how to secure each item: removing them piece by piece, scrubbing irrelevant data, or encrypting sensitive files for safe storage.

Cornell, Carnegie Mellon, Harvard, Indiana, and Notre Dame are among the universities that use Identity Finder’s Enterprise version to prevent—or least mitigate—hacker attacks that bring headaches for students and campus IT officials.

Tom Davis, chief security officer at Indiana, said the Identity Finder software “aligns nicely with [the university’s] overarching strategy for protecting sensitive personal and institutional information,” adding that the software has been a “nice complement” to campus officials’ efforts to make students more aware of online habits that expose their personal information to those scouring campus networks for passwords and PINs.

Identity Finder tracks down more than a dozen forms of personal identification such as credit and debit card numbers, personal addresses, passport information, driver’s license numbers, and patient health information. Users can schedule computer searches or search on demand, according to Identity Finder’s web site.

This week, Identity Finder announced that it would make the Home edition of its software available to college students free of charge—reportedly an $80 value.

Still, higher-education technology decision makers said many college students wouldn’t use a program designed to protect against identity theft, despite the prevalence of nightmarish privacy violation stories in media reports.

“Identity protection is something that is strangely foreign to many students today,” said Dennis Marquardt, education technology manager at Abilene Christian University. “Even with significant increases in identity theft, many college students fail to protect their identities and their privacy in the variety of social media and networking applications.”

The high-profile schools have signed on with Identity Finder after a tough summer for technologists in charge of their college’s IT security.

At least three universities—the University of Maine, Penn State University, and Florida International University—reported data breaches in June that compromised Social Security numbers, academic and financial records, and other information for about 40,000 students and faculty across the three institutions.

These universities and others that have scrambled to alert faculty and students of data crimes in recent years are not alone, according to research from the Identity Theft Resource Center, a San Diego-based nonprofit organization.

The number of reported data breaches in schools and colleges increased from 111 in 2007 to 131 in 2008, according to a 2009 report released by the center. Data security crimes jumped by 47 percent overall between 2007 and 2008, according to the research.

Students demonstrate their lack of ID security awareness, Marquardt said, when they don’t log off of password-sensitive accounts on public computers and share ID numbers with friends and family members.

“I believe most students would not see a need to use identity protection software,” he said. “The real need lies in educating students of the dangers that exist when they do not protect their personal information on the internet.”

Ronald Yaros, an assistant journalism professor at the University of Maryland specializing in multimedia and online journalism, said software like Identity Finder could be useful for students and IT officials, and preaching sound security practices has remained the most reliable way to keep student identities safe.

“It’s almost an obligation on our part to make sure the next generation of technology users are constantly kept up with the newest ways to protect their most sensitive information,” Yaros said. “Hackers are inventing new ways every day. We have to keep up with them.”

College students’ web savvy and attention to sensitive personal information makes software like Identity Finder largely unnecessary, as long as students stay vigilant in their dorms and in campus computer labs, said Aaron Doering, associate professor of learning technologies at the University of Minnesota.

“I believe most students can quickly identify an eMail [or] web site that is false and are aware of what they should stay away from,” Doering said. “Like anything though, education in this area is always warranted and should be built into the practices of all [universities].”

Dallas Stout, a faculty member at University of the Rockies in Colorado Springs, said that while campus IT departments can’t force students to use software to spot any vulnerabilities in their computers, making security tools available for free would still be worth the effort.

“Online privacy … [is] not something that is going to go away anytime soon,” he said. “The more tools young people have at their disposal to use for … managing personal information online, the more likely they will be to actually do it.”

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.