Virus/Malware Protection Management Standard
Appendix to Policy
To protect University information and IT resources from viruses or other malicious code, anti-virus/malware software must be used to assist in preventing and detecting infections. Infections must be eradicated or quarantined. Virus/malware is a threat to the University and not limited to a single system.
The following table defines the baseline security controls for anti-virus/malware software capabilities.
|VPM.A.01||Scan critical components such as startup files and boot records||Required||Required||Required|
|VPM.A.02||Perform real time activities to check for suspicious activity (e.g., scanning email attachments for known malware as emails are sent and received, or files downloaded, opened or executed)||Required||Required||Required|
|VPM.A.03||Monitor the behavior of common applications that are most likely to infect devices or spread malware to other devices. Examples include email clients, web browsers, and instant messaging software||Required||Required||Required|
|VPM.A.04||Scan and identify files for known malware||Required||Required||Required|
|VPM.A.05||Disinfect files (either by removing malware from within a file or quarantining/isolating files containing malware)||Required||Required||Required|
|VPM.A.06||Receive regular updates for malicious code detection and repair features||Required||Required||Required|
|VPM.A.07||Track when the virus/malware protection software is deactivated or activated||Required||Required||Required|
|VPM.A.08||Generate audit logs||Required||Required||Required|
This applies to IT resources owned or contracted by the University. This also applies to personally owned devices accessing, or authorized to store, University data designated as private-highly restricted or private-restricted.
This applies to University community members who use or manage University IT resources.
- More information on Virus/Malware Protection Management
- How to use the information security standards
- See the Information Security policy appendices for additional information security standards that also apply to virus/malware protection management.