policies , projects , security , visio-stencils

Sample – Administering Anti-Virus Software Policy

September 2, 2019

Introduction
The purpose of this policy is to describe how the Windows anti-virus software is configured to monitor virus activity in order to detect and prevent transmission of data or files that contain certain virus signatures.

It also describes how the Exchange / SMTP anti-virus software is configured to monitor mail-related traffic to detect and prevent the transmission of data or files via e-mail that contain certain virus signatures.

Policy
All systems must have anti-virus software installed during the build process as required for the service.

At a minimum, all systems must be updated with the latest virus definition daily as available from the anti-virus vendor.

All systems must be monitored daily to insure the latest virus definition is in place on each system.

Scope
This policy applies to all virus defenses server environments in all locations.

Out of Scope
• All servers reaching end-of-life support.
• All destination servers where Double-take is running on Source Servers.
• All customer managed servers.
• All co-location servers.

Failure to comply with this policy may result in disciplinary action up to and including termination.