Prohibited Technologies and Covered Applications

Prohibited Technologies

On December 7, 2022, Governor Greg Abbott required all state agencies to ban the video-sharing application TikTok from all state-owned and state-issued devices and networks over the Chinese Communist Party's ability to use the application for surveilling Texans. Additionally, Governor Abbott directed the Texas Department of Public Safety (DPS) and the Texas Department of Information Resources (DIR) to develop a plan providing state agencies guidance on managing personal devices used to conduct state business.

Governor Abbott Directive to State Agency Heads

The list of prohibited software and hardware products can be found on the Texas Department of Information Resources Covered Applications and Prohibited Technologies website.

Covered Applications

Effective June 14, 2023, Texas Government Code Chapter 620 requires all state agencies to prohibit the installation or use of covered applications on governmental entity devices, which include devices owned or leased by an institution of higher education. Covered applications are social media applications or services specified by proclamation of the governor under Texas Government Code, Section 620.005.

UH System Policy

The UH System implemented SAM 07.A.12, Prohibited Technologies and Covered Applications, to comply with the Governor's order and Texas Government Code Chapter 620. Exception requests as allowed by SAM 07.A.12, Section 5 must be submitted using the Exception Request Form.

The Model Security Plan for Prohibited Technologies and the Model Policy for Preventing Use of Prohibited Technology and Covered Applications can be found on the Texas Department of Information Resources Covered Applications and Prohibited Technologies website.

FAQs

Why does the UH System have to comply with the Governor's Directive on Prohibited Technologies?

The UH System and each of its universities are state agencies and as such must comply with requirements set by the Office of the Governor and legislative mandates passed into law.

What technologies are prohibited?

The Texas Department of Information Resources (DIR) is responsible for maintaining the list of prohibited technologies. These include software, applications, developers, hardware, equipment, and manufacturers. Additionally, technologies from any subsidiary or affiliate of an entity on the list are prohibited.

As an employee, how does this impact how I do my job?

For employees who use only university-owned devices and software to do their job, there should be little to no impact. Some employees may have to switch to different software or technologies, or ensure they use a university-owned device for work.

I am an employee and have prohibited technology on my personal devices. May I use the device to check my university email or access the VPN and other university systems from the device?

No. Employees are prohibited from conducting university business on any device containing prohibited technology, even a personal device. To use the device for university business you must remove the prohibited technology.

Some examples of using a device to conduct university business are accessing any university-owned data, applications, or email accounts, creating a post on university social media accounts, or using SMS or video conferencing to discuss university business.

If I am a faculty member teaching a course that uses prohibited technology, what do I need to do?

You can request an exception using the Exception Request Form. This request must be approved by the university president.

If I currently use a prohibited technology for university business, what do I do?

You can no longer use the prohibited technology unless you have an approved exception. You can request an exception using the Exception Request Form. This request must be approved by the university president.

Will we still use our personal devices to respond to Duo requests?

Yes, using your personal device for multi-factor authentication is not considered conducting university business.

Can I access TikTok and other prohibited technologies on university property with my personal device and my own data plan as long as I'm not conducting university business?

Yes, however you are prohibited from connecting your personal device to university networks, such as the wireless network, if it contains prohibited technology, even though you are not conducting university business.

For questions related to prohibited technologies and covered applications, please contact UHS Information Security at:

University of Houston	security@uh.edu
University of Houston-Clear Lake	security@uhcl.edu
University of Houston-Downtown	security@uhd.edu
University of Houston-Victoria	security@uhv.edu

University of Houston System

Offices

Prohibited Technologies and Covered Applications