Professional Documents
Culture Documents
(Anti-Malware Policy)
For
Emmylou Bice
This policy is an internal HIC, Inc. policy that defines the anti-virus or anti-malware policy for
HIC, Inc information technology assets, including virus scanning frequencies, updates, software
installed, firewalls, or email protections (Astha, n.d.). This policy also identifies applicable
parties and responsibilities for implementing and enforcing this policy. This policy is designed to
protect HIC, Inc. assets and resources against potential breaches by viruses and malware. This
policy is also designed to establish security requirements for HIC, Inc information technologies
Scope
This anti-virus policy applies to all HIC, Inc. information technology attached to any the internet,
intranet network, or standalone network to include, but is not limited to desktop computers,
laptops, tablets, servers, or cell phones. This policy also applies to the entire HIC, Inc. workforce
Objectives
The main concern of this policy is to be effective and efficient in detecting and preventing
network virus outbreaks involving HIC, Inc. information technology assets. The main focus is to
ensure that all HIC, Inc workforce, to include employees, contractors, interns, etc. are aware of
cyber risks associated to viruses and take precautions in proper use of HIC, Inc. technology
(Southern University, 2008). The intent for this policy is to ensure the integrity, confidentiality,
and availability of HIC, Inc resources and information, the HIC, Inc. workforce operates
accordingly in practicing safe computing practices, and appropriates measures are in place that
assure the policy is being followed (Southern University, 2008). Specific instructions and
ASSET PROTECTION POLICY: ANTI-MALWARE POLICY 3
procedures for protecting and configuring anti-virus measures are documented in the Anti-Virus
Standard.
Responsibilities
The entire HIC, Inc. workforce is responsible for taking actions and measures to protect HIC,
Inc. assets against viruses and malware (Southern University, 2008). Failure to adhere to this
policy will result in the disabling of the user account and confiscation of devices. Key personnel
in the HIC, Inc. Information Technology group with Anti-Virus policy roles include:
Policy
All HIC, Inc. information technology assets to include workstations, laptops, desktops,
cell phones, tablets, etc. must have the McAfee Enterprise Anti-Virus installed. The anti-
o Should be configured to only allow domain administrators with the ability to start
The HIC, Inc. Information technology group will manage the anti-virus software on all
internet gateways and email servers to scan incoming and outgoing email traffic
(Wofford, 2010). Any email found with a virus or malware shall be automatically deleted
(Astha, n.d.).
Activities with the intent to install or transmit malicious programs or Denial of services
Users transferring file shall scan the file with the anti-virus software prior to sending or
transmitting via FTP, web server, on a CD/DVD, portable storage, or any other method
(Astha, n.d.).
HIC, Inc. IT support will install anti-virus software on all HIC, Inc. owned assets
HIC, Inc. IT support will disconnect a user’s system from the network if a virus is found
on their system (Wofford, 2010). The system will not be reconnected until an
investigation is complete to ensure the system is clean and no HIC, Inc. information has
been compromised.
HIC, Inc. It will suspend VPN access for users who do not have the appropriate anti-virus
Exceptions to this policy may be allowed if the device cannot have an anti-virus installed.
Instances would include those where an inti-virus software has yet to be developed
(IUPUI, n.d.). These devices must be documented and have approval from the security
References
1.amazonaws.com/POLICIES/POlICY%20FOR%20ANTIVIRUS.pdf
policy/
https://www.subr.edu/assets/subr/NetworkSecurity/Antivirus_Policy.pdf
%20Policy.pdf