Prohibited Technologies & Covered Applications (Texas DIR)

Prohibited Technologies & Covered Applications (Texas DIR)

Quick Overview
  • Explains which technologies are prohibited under Texas DIR requirements
  • Applies to anyone using SFA technology resources
  • Includes both Covered Applications and Prohibited Technologies
  • Personal devices used for work must also comply

The Texas Department of Information Resources (DIR) maintains an official list of Covered Applications and Prohibited Technologies that may not be installed, accessed, or used on state-owned devices or for official university business. These restrictions are required by Texas law and are intended to reduce cybersecurity, privacy, and data protection risks.

Legal & Policy Background

  • Texas Government Code, Chapter 620
  • Governor of Texas directive on Covered Applications
  • Texas Administrative Code (TAC) 202
  • UT System and Stephen F. Austin State University information security policies

Key Definitions

Covered Applications

Covered Applications are specific applications identified by the State of Texas that are prohibited on government-issued devices and may not be used to conduct official university business. These are most commonly social media or communication platforms identified by the Governor or statute.

Prohibited Technologies

Prohibited Technologies include a broader range of software, hardware, services, and technology products that pose unacceptable security or data protection risks. This includes technologies produced by certain vendors, as well as their subsidiaries and affiliates.

!
Important
Personal devices used for university business (email, VPN, file access, cloud services) must not have Covered Applications or Prohibited Technologies installed if they are used to access university systems, data, or services.

Who This Applies To

  • All faculty and staff
  • Student employees and contractors
  • Anyone using SFA-owned or SFA-managed devices
  • Anyone using a personal device to access SFA systems or conduct official SFA business

Required Actions

  1. Do not install or use prohibited technologies on SFA devices.
  2. Remove prohibited technologies from any personal device used for work.
  3. Do not access SFA systems using devices that contain prohibited technologies.
  4. Contact IT Security if you believe an exception is required for official business.

Limited exceptions may be permitted when required for legitimate business, research, or law enforcement purposes and must be reviewed and approved by Information Security in accordance with Texas DIR requirements.

i
Tip
The DIR list is updated periodically. Always refer to the official DIR page for the most current list of Covered Applications and Prohibited Technologies.

Official Prohibited Technologies List

The authoritative and most up-to-date list is maintained by the Texas Department of Information Resources and is available at:
https://dir.texas.gov/information-security/covered-applications-and-prohibited-technologies

Need Help?

Contact the IT Help Desk at (936) 468-4357 (HELP).
Print Article