Security Agents Decision Chart

What kind of device is it?

A Server

Includes servers located in a datacenter or cloud infrastructure

Security agents required:

An End User Device

A laptop, desktop workstation, tablet, etc (def.)

Security agents required:

Elastic
Platform-specific Privilege Manager
Platform-specific Device Management¹

Possible additional requirement: DLP

Certain devices will also need to have the Proofpoint DLP agent installed. DLP is required if the answer is YES to any of the following questions:

Does the device store or process Critical data (DC-6)?
Is the device assigned to a person designated by security as a Very Attacked Person (VAP)?
Does the device belong to a business unit designated by security as storing or processing monitored data (RA-2)?
Is this device traveling outside the United States? DLP is required for the duration of the travel.

If you have questions about any of these criteria, contact the Endpoint Security team (endpoint-security@tamu.edu).

A Special-Purpose Device

A kiosk; digital signage player; embedded device, etc

What security agents are required?

Can the device support user-installable applications? If YES, then follow guidance for end user devices above.
If NO, then speak to the Endpoint Security team about an exception to required controls.

Windows management platforms like Intune are out of scope for the Security Agent Standardization project. ↩

Security Agents Decision Chart

A Server​

An End User Device​

Possible additional requirement: DLP​

A Special-Purpose Device​

Footnotes​

A Server

An End User Device

Possible additional requirement: DLP

A Special-Purpose Device

Footnotes