STANDARD FOR PROTECTION AGAINST MALWARE

 

The University of Texas at San Antonio

Office of Information Technology

Office of Information Security (OIS) Standards

 

OIS 31 – Standard for Protection Against Malware

 


I. STANDARD STATEMENT


A significant threat to UTSA data and computing resources is the propagation of malware (malicious software) through network connections.

 


II. RATIONALE


This standard supports HOP Policy 8-12 Information Resources Use and Security Policy.

 


III. SCOPE


This standard applies to all UTSA faculty, staff, and students.

 


IV. CONTACTS


If you have any questions about OIS 31 – Standard for Protection against Malware contact the following office:

 

The Office of Information Security

informationsecurity@utsa.edu

 


 V. PROCEDURES  


  1. With the goal of data integrity, reliability and system performance, the Office of Information Technology (OIT) manages a virus protection program for all UTSA-owned computers, including home computers and portable computing devices. Because of the criticality of malware protection, OIT will establish and maintain a baseline of protection that must be met by computer users and systems administrators.
 
    1. All workstations, whether connected to the network or standalone, must use data protection software approved by OIT.
    2. The data protection software must not be disabled or bypassed.
    3. The data protection software must not be altered in such a manner that the effectiveness of the software is diminished.
    4. The software's automatic feature must not be altered to reduce the frequency of updates.
    5. All UTSA servers attached to the network must utilize OIT-approved data protection software.
    6. Email gateways must utilize OIT approved email virus protection software in accordance with OIT rules for the setup and use of the software.
    7. Procedures for handling malware are established in the Standard for Incident Response.

 

______________________________________________________________________________

Effective Date: December 1, 2013

Last Revised: April 10, 2013

Reviewed: June 26, 2017

 

<< Back