To meet the requirements for compliance with the Payment Card Industry Data Security Standards (PCI DSS), OIT Security and Compliance has acquired Identity Finder (IDF), data security software that searches for and identifies any payment card data that is stored on local or network drives.

Recently, OIT encountered performance issues during the initial pilot of IDF to OIT-managed workstations. OIT is in the process of repackaging and testing a new version of the client that will be available to campus PCI merchants soon.

Once available, IDF will be installed on any workstation that:

• processes payment card data,
• may have processed payment card data, or
• is used for accessing payment reports.

OIT will be responsible for deploying it to workstations that are in the OIT-managed desktop environment (OITMD). Campus IT staff will be responsible for the deployment and support of the IDF client in departments that are not OITMD customers. OIT will communicate to individuals who need to have the software installed on their computers once the package is ready.

If you are a merchant, please refer to the IDF Merchant List to help you to locate workstations in your area that may have been used to process credit cards. This list contains current as well as previous merchant account information that may contain incorrect contact data. Rows that are highlighted in green and in yellow denote OIT-managed desktop customers. If you have questions regarding the merchant information in the list, contact Merchant Services atmerchantservices@ncsu.edu.

More information about IDF can be found on the Sensitive Information Identification and Remediation (SIIR) website, which also provides information about the process to handle and remove any credit card data. If you have any questions regarding the IDF deployment, contact the NC State Help Desk at help@ncsu.edu or 919.515.4357 (HELP).