Criteria for prohibiting software

Malicious software threatens the integrity of Texas A&M data and computing resources. Due to Texas A&M’s academic mission, flexibility is important—especially for faculty and researcher workstations. For this reason, Technology Services generally follows a model that only prohibits software that has been identified as malicious; other software is allowed by default.

It is important to note that allowing software is not the same as approving of software. Software may pass the criteria listed here, and yet still be deemed risky or inappropriate for business reasons. The criteria in this document identifies malicious software that cannot be installed or run on university devices in any circumstances. These criteria can be used by IT professionals and information resource custodians to assess the status of installed software, and explain to our users why specific software is prohibited.

Software Meeting ANY of the Following Conditions is Prohibited on Texas A&M Devices:

1. Software no longer supported by the vendor (no longer receiving security updates). See TAMU Control SI-3 and TAMU Control SA-22.

2. Software that is made by a developer, subsidiary, or affiliate of any entity on the Texas DIR Prohibited Technologies website.

3. Any software that contains or relies on kernel-level access, unless explicitly approved by the Office of the CISO. See TAMU Control SC-39.

4. Any software that captures indiscriminate input from a human interface device like a keyboard (commonly referred to as “keyloggers”). See TAMUS Control CM-11.

5. Any software altering or monitoring network configurations (including VPN or network overlay software) unless explicitly approved by the Office of the CISO. See TAMUS Control AC-17 and TAMU SAP 29.01.03.M0.08, Section 2.5.

6. Any software that must communicate with a TAMUS Blocked Country in order to function or receive software updates.

7. Any software classified by MITRE or CISA as malicious.

8. Any software that is determined by the Office of the CISO to threaten the integrity of Texas A&M data, networks, or information resources.

The TAMU Security team will monitor software installed on Texas A&M devices, and if necessary, may instruct local IT teams to remove certain software or applications. For questions, contact the Endpoint Security team.

Helpful Links

Texas DIR “Prohibited Software/Applications/Developers” web page: https://dir.texas.gov/information-security/prohibited-technologies

Texas A&M University rules, controls, and standards:

• TAMU Security Control Catalog: https://u.tamu.edu/controls
• TAMU System Security Control Standards Catalog: https://cyber.tamus.edu/catalog/
• University Rules and SAPs, chapter 29 (Information Technology): https://rules-saps.tamu.edu/rules-saps-library/#section-22-header

Sites to aid in determining if software is malware:

• MITRE ATT&CK: https://attack.mitre.org/software/

• VirusTotal: https://www.virustotal.com/

• Polyswarm: https://polyswarm.network/scan

• ANY.RUN: https://app.any.run/

Sites to aid in determining if software is still vendor-supported:

• https://endoflife.date/
• https://www.upcomingeol.com/

Additional Information

Information technology professionals on campus may contact endpoint-security@tamu.edu to ask any questions or request additional information.