OIT requires Spirion deployment to check for sensitive data

OIT is requiring the deployment of Spirion data security software by Monday, Nov. 27 on all university-owned devices that run Windows or macOS and are managed by WolfTech Active Directory/SCCM or Jamf Pro. This includes servers, desktops and laptops.

This requirement will enable the university to:

  • Comply with various security standards, including but not limited to the Payment Card Industry Data Security Standards (PCI DSS), the National Institute of Standards and Technology (NIST 800-171), and the International Organization for Standardization (ISO 27002:2013).
  • Identify and secure sensitive data in accordance with the NC State University Security Standards for Sensitive Data and Systems.
  • Complete required sensitive data scans in order to meet the deadline for PCI attestation.

Spirion, formerly known as Identity Finder, searches for sensitive data, including social security numbers and bank account and credit card information, inappropriately stored on devices.

OIT has already deployed Spirion on devices within the OIT Managed Desktop (OITMD) environment  and on those devices that are used (or may have been used) to process payment card data or to access payment reports. University IT staff are responsible for the deployment of the software in departments that are not OITMD customers.

Requirements to install this software on devices not connected to WolfTech AD/SCCM or JAMF Pro will be communicated at a later time. Users of non-managed Windows or macOS devices may download the software from Software Licensing.

If you have any questions or concerns, please contact the NC State Help Desk at help@ncsu.edu or 919.515.4357 (HELP).

More information about Spirion can be found on the Sensitive Information Identification and Remediation (SIIR) website.