Policy
Policy Name
Malicious Software Control Policy

Overview
Security controls must be in place for detection, prevention and remediation of malicious software.

Statement
  • Malicious software controls (e.g. Anti-virus agent) must be installed on system platforms susceptible to malicious software.
  • Malicious software solutions must be configured to run and scan automatically.
  • Anti-virus (AV) solutions must be periodically updated with the most current AV signature updates.
  • Internet access must be protected from download of malicious software with a network or internet proxy device.

Justification
The following benefits will be achieved:
  • Virus-scanning software maintained with up-to-date virus definitions
  • Virus scanning performed on a regular basis and malicious software removed from information systems
  • Minimize impact of malicious software

Scope
All employees, contractors, agents and third-parties

Consequeces for Noncompliance
Noncompliance to this policy can result in disciplinary action up to and including termination of employment or contract.

Topics
Malicious Software Controls
Network Security