VIRUS PROTECTION POLICY



Similar documents
Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Client Security Risk Assessment Questionnaire

NextiraOne, LLC d/b/a Black Box Network Services

Towards End-to-End Security

Fear Not What Security Can Do to Your Firm; Instead, Imagine What Your Firm Can Do When Secured!

Effective Practice: Integrating Vulnerability Scanning with Web Authentication

Get what s right for your business. Technologies.

PCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst Page 1 of 7

Choose Your Own - Fighting the Battle Against Zero Day Virus Threats

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott

Document ID. Cyber security for substation automation products and systems

ABB s approach concerning IS Security for Automation Systems

Guideline on Auditing and Log Management

Network Security Policy

Avaya Modular Messaging 5.x

How To Audit The Mint'S Information Technology

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

Cisco Advanced Services for Network Security

74% 96 Action Items. Compliance

PCI DSS Requirements - Security Controls and Processes

GFI White Paper PCI-DSS compliance and GFI Software products

Auburn Montgomery. Registration and Security Policy for AUM Servers

Appendix 1c. DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF NETWORK/INTERNET SECURITY

CSG Windows Support Policy

SPRINT MANAGED SECURITY SERVICES PRODUCT ANNEX

Symantec Endpoint Protection Analyzer Report

A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS

Five keys to a more secure data environment

Network Assessment. Prepared For: Prospect Or Customer Prepared By: Your Company Name

STRONGER ONLINE SECURITY

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

Data Management Policies. Sage ERP Online

Cyber Security: Software Security and Hard Drive Encryption

Reducing the cost and complexity of endpoint management

Driving Company Security is Challenging. Centralized Management Makes it Simple.

When Your Networkʼs Down, Call Crown

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

LogRhythm and NERC CIP Compliance

Proactive IT Solutions More Reliable Networks Are Our Business

FBLA Cyber Security aligned with Common Core FBLA: Cyber Security RST RST RST RST WHST WHST

NETWORK PENETRATION TESTING

Remote Access and Network Security Statement For Apple

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)

Simphony v2 Antivirus Recommendations

Symphony Plus Cyber security for the power and water industries

Network Usage Guidelines Contents

Computer Viruses: How to Avoid Infection

NUS InfoComm Security Landscape

Procedure Title: TennDent HIPAA Security Awareness and Training

INNOVATE. MSP Services Overview SVEN RADEMACHER THROUGH MOTIVATION

What Do You Mean My Cloud Data Isn t Secure?

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X)

All-in-one coverage for your business

Workstation Management

Managed ICT Services. User Guide. Possibilities that are built in. Telstra Corporation Limited ABN

Cyber Essentials Questionnaire

INFORMATION TECHNOLOGY ENGINEER V

Open an attachment and bring down your network?

TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series

INSTANT MESSAGING SECURITY

Remote Services. Managing Open Systems with Remote Services

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

Complete Managed Services. Proposal for managed services for the City of Tontitown

Computer Security Maintenance Information and Self-Check Activities

G/On. Basic Best Practice Reference Guide Version 6. For Public Use. Make Connectivity Easy

Linux Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS QUARTER 2 NETWORKING AND OPERATING SYSTEMS ESSENTIALS. Module 1 - Office Applications

MANAGED SECURITY SERVICES

Xerox Products and Anti-Virus Software

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

Information Technology Services

Security Features: Lettings & Property Management Software

IT Compliance Volume II

Introduction. PCI DSS Overview

A PROVEN THREAT A TRUSTED SOLUTION MCCANN CYBER SECURITY SOLUTIONS

HOSTEDMIDEX.CO.UK. Additional services are also available according to Client specific plan configuration.

Anti-Virus/Malware Policy

CENG Information Technology Services University of North Texas

Managed IT Solutions. More Reliable Networks Are Our Business

SECURE SHARING AND COMMUNICATION. Protection for servers, and collaboration

Security Maintenance Practices. IT 4823 Information Security Administration. Patches, Fixes, and Revisions. Hardening Operating Systems

SYMANTEC MANAGED SECURITY SERVICES. Superior information security delivered with exceptional value.

Information Security Services. Achieving PCI compliance with Dell SecureWorks security services

RSS Cloud Solution COMMON QUESTIONS

PCI DSS Reporting WHITEPAPER

MSP Service Matrix. Servers

Nessus and Antivirus. January 31, 2014 (Revision 4)

Internet threats: steps to security for your small business

IT Security. Securing Your Business Investments

Assuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices

Microsoft Technologies

A Database Security Management White Paper: Securing the Information Business Relies On. November 2004

Countermeasures against Spyware

Automation Suite for. 201 CMR Compliance

Network Security and the Small Business

A Decision Maker s Guide to Securing an IT Infrastructure

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/

Bring Your Own Device:

Transcription:

VIRUS PROTECTION POLICY APPLICABLE PRODUCTS All KMMI Digital Products, including Xpress and IQUE CR, REGIUS 350/370, DryPro Imagers and PrintLink. ORIGINATOR Eunice K. Lin, Marketing Manager, CR & PACS DATE July 10, 2006 INTRODUCTION This product bulletin explains Konica Minolta Medical Imaging s policy regarding virus protection for all of its digital products. PROTECTING KMMI DIGITAL PRODUCTS FROM MALICIOUS SOFTWARE Malicious software not only corrupts a computer system once it gains access, it also has the ability, primarily through the use of electronic mailing, to spread itself to other computer systems. In general, there are two ways to protect a system from a potential threat. 1) Use anti-virus software to look for the virus and either remove the virus from the system or prevent it from entering the system. 2) Update the operating system with the latest critical updates or security patches from Microsoft. Microsoft releases these critical updates to repair vulnerabilities that the virus software finds in the operating system that allows the virus to corrupt the computer and/or to spread itself. Konica Minolta Medical Imaging participates in virus protection by providing security updates or patches to its Windows operating system on all of its digital products. This ensures that our products run on the most robust operating system. Due to rigorous regulatory compliance requirements as well as our own quality and performance standards, each patch is subject to extensive testing prior to becoming approved for use on KMMI digital products. A time lapse is therefore expected before a security patch is available for installation on a Konica Minolta medical device after its release by Microsoft. While the opportunity for a virus invasion is small for medical devices, as these devices do not offer electronic mailing or internet access, the two major gateways for virus entries, these medical devices are nonetheless still vulnerable by simply being part of a facility s network system. A virus can still enter through other parts of the network and spread throughout the entire network, including the imaging modalities. Anti-virus software is not a software option for Konica Minolta digital products. However, to satisfy requests by end users with technical competencies, Konica Minolta has tested several anti-virus software programs for use with strict guidelines and procedures. Currently, the approved anti-virus software are the client versions of McAfee Total Protection Enterprise, Norton Antivirus Corporate Edition, Trend Micro Corporate Edition and F-Secure Anti-Virus. The customer will be solely responsible for their purchase, KONICA MINOLTA MEDICAL IMAGING USA, INC. 1

installation and maintenance (both software version upgrades and definition file updates). During the installation, however, a service engineer will be required on site to provide access to the operating system. This is a billable service. HEALTHCARE FACILITY RESPONSIBILITIES Because our digital products are installed within the healthcare facility s network, we depend on the end users to provide maximum protection from virus invasion into their network. Customers can protect their network from security attacks by employing the following practices: Use technical network defenses, such as firewalls, network virus scanners, intrusion detection systems, audit records, and VLANS. Prepare policies, procedures, and user training (i.e. safe practices while on an intranet) Restrict physical access whenever possible Establish secure remote access for servicing, such as Secure VPN. Notify the appropriate vendor in the event of a virus attack. Disconnect the device from the network to avoid spreading the virus to other devices. Each facility must evaluate its local requirements and use every measure possible to increase the level of protection against the threats imposed by a malicious virus. VIRUS PROTECTION SERVICE POLICY MMMI s policy on virus protection is as follows: 1. Only authorized KMMI personnel can install approved security patches during scheduled preventive maintenance visits. Scheduled preventative maintenance (PM) visits are automatically available to customers with products covered under warranty or a purchased Customer Satisfaction Agreement. 2. Customer with products out-of-warranty and not covered by a Customer Satisfaction Agreement may request the installation of security patches at a billable service rate. Any customer requesting a patch installation outside of the routine PM visits will also be billed at the standard service rate. 3. In the event of a virus attack on KMMI products, KMMI will dispatch a trained service engineer to diagnose and repair the virus infection on site at the billable service rate. This is applicable to all customers regardless of warranty or agreement status. KONICA MINOLTA MEDICAL IMAGING USA, INC. 2

4. Installation of non-approved anti-virus software or security patches on KMMI products will render product warranty invalid. Installation of security patches by non-kmmi authorized personnel will also render product warranty invalid. The.Anti-Virus Software Installation Guideline is available to qualified technical personnel upon request by contacting Konica National Technical Support at 1-800-945-0456. KONICA MINOLTA MEDICAL IMAGING USA, INC. 3

KONICA MINOLTA MEDICAL IMAGING Medical Products Virus Protection Policy JULY 10, 2006 At Konica Minolta Medical Imaging USA, Inc. (KMMI) our goal is to help protect KMMI products from malicious software attacks, as well as to assist our customers in the event an attack on KMMI products does occur. While healthcare facilities are responsible for providing maximum security on their network infrastructure, KMMI assists our customers to correct any immediate problem until a security patch becomes available. KMMI takes the following preventive measures to minimize its medical products exposure to malicious virus attack: Provide password protection that limits system access to authorized uses only. Configure the operating system services that minimize system exposures. Validate and approve security patches for installation on KMMI products. Due to rigorous regulatory requirements and KMMI quality and performance standards, each patch is subject to extensive testing and validation prior to becoming approved for installation on KMMI products. Only KMMI approved patches may be installed on KMMI products by KMMI authorized personnel. Install approved security patches during scheduled preventive maintenance visits for products covered under warranty or Customer Satisfaction Agreements. For out-of-warranty, non-contract products, KMMI will install security patches per KMMI service billing schedule. Validate and approve anti-virus software programs for installation on KMMI digital products. In the event a security attack occurs at the healthcare facility s network, and consequently on KMMI products, please contact KMMI National Technical Support immediately for assistance (1-800-945-0456). Once KMMI National Technical Support confirms the virus attack, a qualified KMMI service engineer or authorized agent will be dispatched to the site to repair virus infections and restore the systems to working condition. This is a billable service to all KMMI customers. Installation of non-konica approved patches or installation by non-kmmi certified personnel on KMMI products will render product warranty invalid. Furthermore, installing non-approved anti-virus software on KMMI products or inappropriate installation of approved anti-virus software may compromise performance and will also render product warranty invalid. To optimize a network system s security from virus attack, consider employing the following practices: KONICA MINOLTA MEDICAL IMAGING USA, INC. 4

Use technical network defenses, such as firewalls, network virus scanners, intrusion detection systems, audit records, and VLANS. Prepare policies, procedures, and user training (i.e. safe practices while on an intranet) Restrict physical access whenever possible Establish secure remote access for servicing, such as Secure VPN. Notify the appropriate vendor in the event of a virus attack. Disconnect the device from the network to avoid spreading the virus to other devices. Each facility must evaluate its local requirements and use every measure possible to increase the level of protection against the threats imposed by a malicious virus. KMMI will support our customers to resolve all virus-related problems that impact the performance of our equipment. Thank you and we appreciate your support of Konica Minolta Medical Imaging products. KONICA MINOLTA MEDICAL IMAGING USA, INC. 5

KONICA MINOLTA MEDICAL IMAGING Anti-Virus Software Installation Guidelines JULY 10, 2006 Approved Anti-Virus Protection Software Only the client software of the following anti-virus programs are currently approved for installation on the Control Stations of Konica Minolta Computed Radiography family of products: McAfee Total protection Enterprise v7.0 Norton AntiVirus Corporate Edition v9.0 Trend Micro Corporate Edition v5.58 F-Secure Anti-Virus v6.0 Installation of non-approved software, or personal version instead of client software of corporate/enterprise version may compromise system performance and will render product warranty invalid. Installation A Konica Minolta Field Service Engineer, authorized agent, or a certified bio-medical engineer is required on-site to provide access to the operation system in order to install the software. Please contact Konica Minolta National Technical Support at 1-800-945-0456 to arrange for the service. Configuration Please observe the following when configuring the anti-virus client software Do not configure for real time scanning, as this will slow down system performance Do not configure for scheduled virus scan at times of peak usage. Do not configure the device to access virus definition file directly from the internet. Do schedule virus scan during off hour operations. Do configure the device to access virus definition file directly from the facility s server Do exclude the Konica Minolta Directory from the scanning targets (C:\Koncaminolta) As a reminder, only the client software of enterprise distribution of antivirus software is permitted for use. KONICA MINOLTA MEDICAL IMAGING USA, INC. 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information