Identity Finder Sensitive Data Manager takes a robust approach to data leakage prevention, offering maximum security across almost any networked device. The tool comes in two parts: the Identity Finder console and the endpoint. The endpoint is installed on clients where it scans existing files on the machine based on a schedule and also scans new files as soon as they are created. The console provides administrators with a centralized way of managing policies organization-wide and also allows them to schedule and review the results of previous scans. The distributed scanning design of this product make it fast and highly scalable.
We received Sensitive Data Manager as a set of software installers for Windows. After reviewing the prerequisites, we set up a Windows Server pod to host the console. The console requires that IIS, Application Server and MS SQL server be installed, as well as several versions of .NET. In a production environment the SQL server should reside on a different computer, but we followed the recommendation of Identity Manager and configured it on the same server as the console using SQL express. While this was fine for our deployment in the SC Lab, a full-featured license would have to be purchased for full deployment in a production environment, which adds to the cost of this solution. Once we had all of the prerequisites checked off, we proceeded to launch the software installer. After clicking through the wizard, it automatically configured the IIS and application and asked us for our SQL Server info. We told the installer where to find the database engine and credentials and installation completed without further stoppage. Setup was slightly more involved than other products tested this month, but went smoothly and was well covered in the docs.
Once the console was running, we imported our license and set the administrator password. After navigating to the console web server, we were prompted to install Silverlight and we redirected to the download page. We returned to the console login page after installing Silverlight and entered our login info. Once the page loaded we were brought to a well-designed web interface with many graphs and other user-friendly features. The console is easy to navigate and looks visually similar to the Microsoft Office suite of products. Even though it was our first time using Sensitive Data Manager, it felt familiar. We were pleased that this product comes preconfigured to discover common sensitive data and we configured our own template in only a few clicks. During our testing we were pleased to see that it is able to redact compatible file formats without locking down access to them completely. When sensitive data is discovered in cleartext, it can be redacted, encrypted or quarantined automatically or by the choice of authorized users.
The documentation we received came electronically in the form of PDF and DOC files. The PDFs contained the complete user manuals, while the DOCs we more focused on initial deployment design and configuration. Both sets were helpful and reduced the learning curve substantially.
Identity Finder offers several support offerings. As part of the purchase price, phone, email and web support come standard on an eight-hours-a-day/five-days-a-week basis. Plus, 24/7 support is available, calculated as a percentage of the purchase cost based on the number of users.
Overall, Identity Finder Sensitive Data Manager is a high-quality product designed for maximum security in medium to large organizations. The only real downside is its price. If you are able to foot the bill, Identity Finder is the best product we saw in this Group Test. It is our selection for Best Buy. - Sal Picheria