Developing an antivirus policy

It is my opinion that any successful security solution is backed by a solid security policy. And by security policy, I don't just mean the vague general overview document that flatly states that all possible virus infections shall be repelled. I am referring to a fully functional security documentation infrastructure that includes policies, standards, guidelines and procedures. Without documentation from general goal overview to detailed step-by-step instructions for implementation, I don't see how any solution can be deemed successful in any environment.

With that said, I'll focus on the key elements that need to be present in an enterprise-wide antivirus security policy. In my view, here are the issues that you must somehow address:

  • Solutions should include software as well as personnel education.
  • An emergency response team should be formed that is trained and experienced in infection detection, termination and recovery.
  • Software solutions should provide automated protection and self-updating capabilities.
  • Virus-free backups should be a high priority.
  • Preventing virus-infected files from reaching your core servers should be of the utmost importance.
  • Users who are risk takers or have a history of being the conduit through which malicious code enters your environment should be strongly warned and then removed upon repeated infractions.
  • Users should be granted access on the basis of the principle of least privilege; if a resource or a function is not required for their specific work tasks, then it should not be granted to the user.
  • No unapproved and untested software shall be installed on any production system within the environment.
  • Users are not to perform virus recovery, removal or cleaning on their own; they should contact the emergency response team.
  • All information about viruses, especially protection, removal and cleaning instructions, should be double-checked by researching various trustworthy, well-known antivirus organizations. Unsolicited e-mails about virus response initiatives will be ignored until they are validated.
  • Active content and file downloading will be restricted or rigidly managed to prevent malicious code infection.

About the author
James Michael Stewart is a partner and researcher for ITinfopros, a technology-focused writing and training organization.

This was first published in May 2003
