Information Technology Security Plan
Anti‐virus Policy (10.6)
Responsible executive: CIO Approval date:
Responsible office: CSIT Effective date:
Related policies: IT Security Plan
1.0 Policy Statement
Computing platforms, including but not limited to desktop workstations, laptops/notebooks,
servers and network devices, are vital to the university mission. Computer viruses, worms,
Trojans and other malware constitute a major threat to the integrity and performance of
computing operations. Any computer connected to the SSU network must run an approved
and up‐to‐date anti‐virus product that continuously monitors, detects and remediates malicious
2.0 Reason for Policy
The purpose of this policy is to ensure that all vulnerable computing platforms connected to the
SSU network are hardened against attack and protected by antivirus software at all times.
This policy applies to all employees, students, contractors and other affiliates who have
computing platforms which are either physically or remotely connected to the SSU network.
4.0 Terms and Definitions
Virus – a program that attaches itself to an executable file or vulnerable application and
delivers a payload that ranges from annoying to extremely destructive.
Worm ‐ a program that makes copies of itself elsewhere in a computing system. These copies
may be created on the same computer or may be sent over networks to other computers.
Trojan Horse ‐ Destructive programs, usually viruses or worms that are hidden in an attractive
or innocent‐looking piece of software, such as a game or graphics program.
5.1 Anti‐virus for Employees
The university provides a site‐wide license for Symantec (Norton) Anti‐virus, which is available
to all faculty, staff and administrators. The anti‐virus installation should be configured for
Anti-virus Policy (10.6) 1
automatic scanning and updates. Users who know of or expect interference between the anti‐
virus software and another application running on their workstations or laptops must contact
the HelpDesk to evaluate and agree on an alternative.
Individual users must procure their own anti‐virus software for use on a personal computer
which will be connected to the SSU network.
It is the responsibility of the individual user to ensure that all university‐owned computers on
which they work have up‐to‐date anti‐virus installed and configured.
5.2 Anti‐virus for Students
The university provides a Microsoft Security Essential for personal student computers.
Microsoft Security Essentials is a free software application that helps guard against viruses,
spyware and other malicious software. Contact the HelpDesk for installation assistance.
It is the responsibility of the student to ensure that their personal computer is installed and
configured with up‐to‐date anti‐virus software.
5.3 Anti‐virus Guidelines
Any activities with the intention to create and/or distribute malicious programs into the
SSU network are prohibited.
All computer systems connected to the SSU network must have current, approved
antivirus software installed, properly configured and actively monitoring for malicious
software (never disabled).
The antivirus software must be configured to automatically clean the infected file
(remove the virus) or to quarantine the infected file if automatic cleaning is not possible.
Virus‐infected computers are removed from the network until they are verified as virus‐
The Symantec Anti‐virus software may be used only in accordance with the terms of the
license agreement. If you are unsure if any action may violate such a license agreement,
request authorization from the HelpDesk before proceeding.
Anti-virus Policy (10.6) 2