11.2.1 Antivirus Policy
Proposed: | 07/08/2015 |
Adopted: | 08/07/2015 |
Last Reviewed: | 07/31/2018 |
Effective: | 08/07/2015 |
1.0 Overview
Middle Georgia State University’s Office of Network Administration provides standards for the deployment of antivirus software on computers that directly access the Middle Georgia State University network. Accordingly, the use of anti-virus software is required and must include certain controls and restrictions as stated in this policy.
2.0 Purpose
The purpose of this document is to define anti-virus software standards and the proper use of such software to protect Middle Georgia State University’s electronic information from being compromised by malicious software code.
3.0 Scope
This document covers all computer systems owned, operated or maintained by Middle Georgia State University and any third party computers connecting to Middle Georgia State University networks.
4.0 Policy
All computer systems connecting to Middle Georgia State University networks must have anti-virus software installed and configured with automatic signature updates enabled prior to or immediately upon connection to any Middle Georgia State University network. This requirement specifically includes all LAN, WAN, Dial-up, VPN and Wireless access methods.
STANDARD FOR:
- WINDOWS OR APPLE MAC OS WORKSTATIONS, LAPTOPS AND SERVERS OWNED, OPERATED OR MAINTAINED BY MIDDLE GEORGIA STATE UNIVERSITY
Server operators are responsible for installing anti-virus software on their server systems. The Office of Network Administration will provide the installation software and can assist with its installation if requested.
The Technical Support Services department at Middle Georgia State University is responsible for the installation of anti-virus software on all other computer systems owned, operated or maintained by Middle Georgia State University.
The Middle Georgia State University anti-virus software standard is Trend Micro Officescan 10.6 or greater.
Servers and workstations must be configured to use the parent server provided by The Office of Network Administration.
Installation
There are two installation methods provided for managed clients:- Web Install
- Network share.
- PRIVATELY OWNED (AND ALL OTHER) COMPUTER SYSTEMS
The owners of privately owned computers and administrators of non-Windows computers and all other computer systems not covered above must provide, install, and maintain appropriate anti-virus software on these systems. The Office of Technology Support Services can assist with this installation if requested. Antivirus software by major commercial vendors is recommended. There are even several providers of freeware anti-virus software that provide minimal protection.
5.0 Enforcement
Any infected or unprotected systems should be reported to The Office of Network Administration. The Office of Network Administration will notify the Technology Support Services help desk of any systems suspected of being infected or unprotected. This notification will identify the affected computer by hostname and user and will include a required fix-action. Technology Support Services must inform the Office of Network Administration when the fix action has been completed.
The Office of Network Administration may utilize scanning, sniffing and other auditing methods to determine if systems are properly protected, infected or in violation of this policy. Without notice, the Office on Network Administration may temporarily suspend or limit network connections or accounts of any user or system considered to be in violation of this policy until the violation is resolved.
The Office of Network Administration or the CIO must approve any waiver of these requirements.
6.0 Definitions
Term Definition VPN Virtual Private Network LAN Local Area Network WAN Wide Area Network
7.0 Revision History
12/13/2002 - Original
01/28/2013 - Changed institution name to reflect consolidation
01/28/2013 - Changed all Symantec Anti-virus references to Trend Micro Officescan
01/28/2013 - Added enforcement section
01/28/2013 - Removed links to specific products to make document easier to manage
01/28/2013 - Added anti-virus requirement for Apple Mac OS in section 4-a.
08/4/2015 - Changed institution name to reflect University status