There can be motivation for end users to circumvent, disable, or otherwise avoid the attentions of the CA Data Protection endpoint agent. Endpoint agents include various email, browser, and application plug-ins and other CA Data Protection components, including the collection manager (WgnCM) and the CA Data Protection infrastructure service (WgnInfra).
Important: We recommend one single measure above all others to reduce or eliminate the risk of users tampering with your CA Data Protection endpoint agent installation: Ensure that users are not given local administrator privileges over their workstations, and that they do not have access to an account with such privileges.
Read this guide before installing CA Data Protection, because some security decisions have an impact on your choice of deployment options.
Most customers already employ methods to limit the ability of users to reconfigure their clients. To ensure maximum compatibility with such methods, the CA Data Protection endpoint agent does not automatically enable the techniques suggested in this document. However, you can add an extension to the installation process to invoke these techniques automatically.
Contact CA Technologies to discuss your requirements.
The following sections describe further measures that you can use to control the risk.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|