Skip to main content

Security Agents Decision Chart

What kind of device is it?

  1. A Server
    Includes servers located in a datacenter or cloud infrastructure
  1. An End User Device (def.)
    A laptop, desktop workstation, tablet, etc

  • [Elastic] (/docs/endpoint-security/endpointSecurityTools/Endpoint-Detection-and-Response/index.md)

  • Platform-specific Privilege Manager

  • Platform-specific Device Management1

    Possible additional requirement: DLP
    Certain devices will also need to have the Proofpoint DLP agent installed. DLP is required if the answer is YES to any of the following questions:

  • Does the device store or process Critical data (DC-6)?

  • Is the device assigned to a person designated by security as a Very Attacked Person (VAP)?

  • Does the device belong to a business unit designated by security as storing or processing monitored data (RA-2)?

  • Is this device traveling outside the United States? DLP is required for the duration of the travel.

  1. A Special-Purpose Device
    A kiosk; digital signage player; embedded device, etc

    Can the device support user-installable applications? If YES, then follow guidance for end user devices above.

    If NO, then speak to the Endpoint Security team about an exception to required controls.

Footnotes

  1. Windows management platforms like Intune are out of scope for the Security Agent Standardization project.