Anti-Virus/Malware Policy

Similar documents
Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Symantec Endpoint Protection Analyzer Report

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Consensus Policy Resource Community. Lab Security Policy

KASPERSKY ANTI-MALWARE PROTECTION SYSTEM BE READY FOR WHAT S NEXT. Kaspersky Open Space Security

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY

U06 IT Infrastructure Policy

AntiVirus and AntiSpam scanning The Axigen-Kaspersky solution

IBM Managed Security Services (Cloud Computing) hosted and Web security - express managed Web security

Application Security Policy

Advantages of Managed Security Services

Cyber Essentials Questionnaire

Antivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template)

Guideline on Auditing and Log Management

Kaspersky Endpoint Security 8 for Windows and Kaspersky Security Center

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

FIREWALL POLICY November 2006 TNS POL - 008

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

Best Practices for Deploying Behavior Monitoring and Device Control

How To Configure Forefront Threat Management Gateway (Forefront) For An Server

Section 12 MUST BE COMPLETED BY: 4/22

Product Guide. McAfee Endpoint Protection for Mac 2.1.0

Symantec Protection Suite Small Business Edition A simple, effective and affordable solution designed for small businesses

Symantec Endpoint Protection Small Business Edition Installation and Administration Guide

Release Notes for Websense Security v7.2

Sophos Computer Security Scan startup guide

PureMessage for Microsoft Exchange startup guide

AND SERVER SECURITY

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement

AND SERVER SECURITY

Symantec Encryption Satellite for Windows Version 3.3 Release

Managed Antivirus Quick Start Guide

Lot 1 Service Specification MANAGED SECURITY SERVICES

Approved 12/14/11. FIREWALL POLICY INTERNAL USE ONLY Page 2

PureMessage for Microsoft Exchange 2013 startup guide. Product version: 4.0

PureMessage for Microsoft Exchange startup guide. Product version: 3.1

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109

Symantec Mail Security for Domino


Proven LANDesk Solutions

If the Domain Controller is running Windows Server 2003, it is strongly advised that the Group Policy Management tool is installed.

Worry-FreeTM. Business Security Standard and Advanced Editions. Installation and Upgrade Guide. Administrator s Guide

AVeS Cloud Security powered by SYMANTEC TM

Symantec Endpoint Protection Small Business Edition Implementation Guide

Network Security Policy

Data Management Policies. Sage ERP Online

Small and Midsize Business Protection Guide

Cisco ICM/IPCC Enterprise and Hosted Anti-Virus Software Guidelines

Release notes. Symantec Event Manager for Firewall. What s new. System requirements

FortiMail Filtering Course 221-v2.2 Course Overview

Trend Micro OfficeScan Best Practice Guide for Malware

Automate PCI Compliance Monitoring, Investigation & Reporting

Client Guide for Symantec Endpoint Protection and Symantec Network Access Control

Copyright 2011 Sophos Ltd. Copyright strictly reserved. These materials are not to be reproduced, either in whole or in part, without permissions.

Anti Spam Best Practices

BitDefender Client Security Workstation Security and Management

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott

NETWORK AND INTERNET SECURITY POLICY STATEMENT

Mailwall Remote Features Tour Datasheet

Accessing TP SSL VPN

GFI Product Manual. Administration and Configuration Manual

Outpost Network Security

Sophos Endpoint Security and Control Help. Product version: 11

STPIC/Admin/002/ / Date: Sub: Quotation for purchase/renewal of Anti Virus Software Reg.

Security Administration R77

OfficeScan 10 Enterprise Client Firewall Updated: March 9, 2010

BITDEFENDER SECURITY FOR AMAZON WEB SERVICES

New possibilities in latest OfficeScan and OfficeScan plug-in architecture

Adjusting Prevention Policy Options Based on Prevention Events. Version 1.0 July 2006

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

System Compatibility. Enhancements. Operating Systems. Hardware Requirements. Security

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

THE ROLE OF IDS & ADS IN NETWORK SECURITY

Client Guide for Symantec Endpoint Protection and Symantec Network Access Control

Network Instruments white paper

Symantec Brightmail Gateway Real-time protection backed by the largest investment in security infrastructure

Nessus and Antivirus. January 31, 2014 (Revision 4)

MESSAGING SECURITY GATEWAY. Detect attacks before they enter your network

933 COMPUTER NETWORK/SERVER SECURITY POLICY

Sophos Enterprise Console policy setup guide. Product version: 5.2

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

Best Practices for DanPac Express Cyber Security

Endpoint Security Project: Vendor Recommendation Report

Migrating from Legacy to New Business Solutions

Technical Product Overview. Employing cloud-based technologies to address security risks to endpoint systems

Transcription:

Purpose This document establishes the corporate policy and standards for anti-virus/malware protection on any system owned by LandStar Title Agency, Inc or connected to the LandStar Title Agency, Inc network (any network owned by or operated on behalf of LandStar Title Agency, Inc). Policy Current corporate-approved virus/malware protection software must be installed and enabled on all Corporate-owned systems Systems that connect to the LandStar Title Agency, Inc network, regardless of physical location (for example, VPN and remote associates) Messaging systems (message-level and server-level protection) Internet proxies/secure Web Gateways Users will not remove or disable virus/malware protection software from running on any system. All anti-virus/malware security measures must be implemented according to the standards defined in this document. Standards Refer to these sections in this policy for system-specific standards: Standards for Servers and Workstations... 3 Standards for E-mail Servers... 4 Standards for Internet Proxies/Secure Web Gateways... 5 Violation of Policy Failure to adhere to all requirements stipulated in this policy and all related documents may result in disciplinary actions, up to and including Immediate removal of any applicable hardware/software/access to the LandStar Title Agency, Inc computer network or business systems Formally reporting the incident to LandStar Title Agency, Inc senior management Termination of employment Any other action deemed necessary by LandStar Title Agency, Inc senior management Review LandStar Title Agency, Inc has voluntarily adopted this policy for its sole and exclusive use. This policy and all related documents will be reviewed annually or as needed based on prevailing business conditions. Approved Kenneth Warner, Esq., Vice President and Senior Counsel Stewart Version 1.0 Page 1 of 5

Revision History Version Number Revised Date Effective Date Approved By Brief Change Summary Stewart Version 1.0 Page 2 of 5

Standards for Servers and Workstations Approved Software AVG and Malwarebytes are the only approved anti-malware software protection solution for servers and workstations (desktops and laptops) owned by LandStar Title Agency, Inc or connected to the LandStar Title Agency, Inc network. Anti-malware products include software such as anti-virus, anti-spyware, and host intrusion prevention. With prior approval from management, special purpose anti-malware tools may be installed to handle unique situations, provided [Anti-Virus Application Name] existing anti-malware tools are not removed or disabled and the special purpose tool is uninstalled after use. Exception: With approval from the management and IT Security management, non-company owned systems can run with a current anti-malware solution other than the company approved solution. AVG and Malwarebytes Configuration An approved solution must be installed on all servers and workstations and configured through the management console to Perform a complete local drive scan of all files once per 7-day period Automatically update to the latest anti-virus signature file and engine once per day Prevent inadvertent/deliberate disablement Protect against buffer overflow attacks Auto-disinfect (auto-clean) a virus upon detection, when possible Log all virus incidents Automatically scan actively accessed files (via an on-access scanner) In addition to the requirements above, workstations must perform an e-mail scan of all actively accessed e-mail messages and attachments Perform a start-up scan of memory, master/boot records, and system files Host intrusion prevention software must be configured to Enable intrusion prevention system functionality Prevent high severity attacks Log all detections Stewart Version 1.0 Page 3 of 5

Standards for E-mail Servers Approved Anti-Virus Software Any enterprise e-mail server owned by LandStar Title Agency, Inc or connected to the LandStar Title Agency, Inc network must use a messaging-level anti-virus protection package to protect individual e- mail accounts and public folders at the messaging level. Updating Messaging-Level Anti-Virus Software Messaging-level anti-virus software must be updated on a regular basis. In the event of a virus outbreak, more frequent updating than regularly scheduled may be required. Upgrading Messaging-Level Anti-Virus Software Messaging-level anti-virus software must be upgraded on all e-mail servers within 5 days of a new engine release. This upgrade will be tested and coordinated by IT e-mail system administrators. Application upgrades, which may occur once or twice each year, are deployed in phases across all e-mail servers after their stability has been verified by IT e-mail system administrators. Messaging-Level Anti-Virus Software Configuration Messaging-level anti-virus software must be configured to Automatically scan e-mail inbound to and outbound from the server (via an on-access scanner) Automatically update to the latest anti-virus signature file once per 24-hour period Automatically check for anti-virus engine upgrades on a weekly basis Prevent inadvertent/deliberate disablement Delete a virus-infected e-mail upon detection, when possible Log all virus incidents Allow filtering of incoming e-mail traffic by subject line or header or attachment Stewart Version 1.0 Page 4 of 5

Standards for Internet Proxies/Secure Web Gateways Approved Anti-Virus Software All Internet proxies must have at least one commercial anti-virus engine enabled. Multiple engines are preferred. Updating Internet Proxy/Secure Web Gateway Virus Definitions Virus definition files must be updated at least once per 24 hour period. Internet Proxy/Secure Web Gateway Configuration Internet proxies/secure Web gateways must be configured to Use Web reputation scoring to - Block sites with very poor reputations - Allow sites with very good reputations - Scan all content for threats for sites with reputations in between very poor and very good Log all detections Automatically check for virus definition updates Stewart Version 1.0 Page 5 of 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information