Learning Center
Plans & pricing Sign in
Sign Out

Chance for infection high at desktop_ server and email server


									                             Anti-Virus for Email Proposal
                           Information and Educational Technology
                                         May 6, 2002

Problem Background
The incidence of damaging virus infections continues to increase worldwide each year.
This growth is attributed to the growing complexity of computer viruses and the rapid
spread of viruses via the Internet email and worms. According to industry statistics, 87
percent of current virus infections originate or are transmitted from an email or
groupware source.1

At present, the general campus approach to virus control does not specifically focus on
email but rather on identifying and preventing virus infections on desktop workstations.
Successful virus control at the desktop workstation level remains elusive, as it is difficult
to ensure anti-virus programs are installed, properly configured and maintained on the
broad number of operating systems in use on the campus. Moreover, a majority of the
computer workstations using campus network and computing resources are privately
owned and, thus, not under any campus configuration control.

The campus processes an average of 16 million emails each month. It is projected that at
least five percent of these email messages contain a virus infection.2 This infection rate
represents about 4,000,000 email messages over a one-year period. The viruses pose
several risks to UC Davis as, depending on the particular virus, the infection could:
    • Corrupt essential and/or sensitive institutional data,
    • Reduce productivity levels of information technology (IT) end-users,
    • Reduce system/application availability and integrity
    • Reduce availability of IT technical staff to attend to non-virus infection
    • Cause damage to data of external organizations receiving infected campus files

Any of the above damage factors, independently or in combination, could severely
disrupt the UC Davis research, teaching and public service activities dependent on
information technology.

The Giga Information Group reports that malicious code remains a costly type of security
breach for private and public organizations today, and it is essential that organizations
implement an effective strategy for minimizing these costs.3 Giga also recognizes that the
organizations that are most effective at minimizing the impact of malicious code use a
three tiered approach. This approach focuses on using virus detection and prevention
capabilities at the desktop, file server and email/groupware server level.4
  ICSA Labs Virus Prevalence Survey 2001
  ICSA Labs Virus Prevalence Survey 2001
  Defending Against Malicious Code: Best Practices and Strategies, Giga Information Group, December
  Defending Against Malicious Code: Best Practices and Strategies, Giga Information Group, December
Given that email is the most common vector for computer viruses, one of the highest
priorities for an effective campus anti-virus program should be virus identification and
prevention at the email server level. Virginia Tech, a public research university with
similar student enrollment as UC Davis, implemented anti-virus program for campus
email in the fall of 2001. Virginia Tech administrators recently reported almost one
million computer viruses detected and removed from campus email during the first three
months of using their new email anti-virus programs.5

Proposed Solution
While a small number of academic and administrative department have incorporated anti-
virus programs with their department email/groupware servers, the central campus email
servers do not use anti-virus programs. As the central campus email servers process an
estimated 70 percent of campus email, the scanning of email processed by the central
email servers for viruses would provide UC Davis with a significant opportunity to
reduce the number of virus infections on campus and the loss of productivity that results
because of the infections.

We propose to acquire a license for anti-virus email software and implement the software
on central campus email servers operated by Information and Educational Technology
(IET). We also propose to promote use of the software license among those academic
and administrative departments that administer their own email or groupware servers.
IET further proposes to provide technical assistance to such departments in the
implementation and support of the campus-funded email anti-virus software.

Acquiring and implementing a virus infection detection and removal program for email
will prevent an estimated 40 virus disasters per year (a virus-caused incident in which 25
or more workstations and servers suffer extensive damage).6 We project that email virus
prevention will provide UC Davis with an organization benefit that is over twice the cost
of the new software, hardware and labor to support the programs. In addition, while the
legal liability of the campus for transmitting viruses remains untested, the issue of
negligence may be raised in the near future. Industry surveys indicate that a majority of
moderate to large organizations uses anti-virus programs at the email server level.7 Thus,
the failure of the campus to implement measures to identify and prevent email viruses
could be interpreted as a breach of a recognized standard of care. Many higher education
institutions have recognized the need for email anti-virus programs and are implementing
methods to detect and remove email-borne viruses. These institutions include the
University of California campuses and medical facilities.

  The Growing Vulnerability of Campus Networks, Florence Olsen, The Chronicle of Higher Education,
March 15, 2001
  ICSA Labs Virus Prevalence Survey 2001
  ICSA Labs Virus Prevalence Survey 2001

6/3/2002                                                                                             2
Statement of Work
The following activities are essential to implement virus identification and prevention for
campus inbound and outbound email.
    • Acquisition of anti-virus software license for inbound and outbound email for
       unique campus email users (estimated to be about 40,000) – one time expense of
       $130,000 via anti-virus vendor system-wide prices extended to UCOP
    • Acquisition of additional hardware components to run anti-virus software on
       central IET email servers – one time expense of $60,000
    • Implementation of anti-virus software for email servers, software maintenance
       and email server hardware
    • Promotion for the use of the anti-virus software license among academic and
       administrative departments running email/groupware servers without existing
       virus control.
           o Technical assistance will be provided to academic and administrative
               departments for the licensed virus software product
    • Continued maintenance and support of email anti-virus software

Project Objectives
Projected Accomplishments
   • All inbound and outbound messages processed by IET operated email servers,
        including listproc server, will be scanned for virus infections. If possible, viruses
        will be removed from the email. Wherever possible, the originator of an email
        with a virus infection will be notified of the infection.
   • All email server anti-virus programs will be maintained on a regular basis.
   • We will promote campus department adoption and use of anti-virus programs at
        the email server level.

Critical Success Factors
The following factors must occur for this project to succeed:
    • Anti-virus software for email servers is available using the costs and conditions of
        existing the UCOP agreements
    • The anti-virus vendor delivers software with a 60-day acceptance period
    • The anti-virus vendor provides accurate technical support, including software
        configuration and hardware recommendations
    • The hardware acquisitions/upgrades for email servers are readily available and
        promptly received by UC Davis
    • IET communicates and coordinates the service changes with email clients

Project Risks
The risks that could impact the success of this project are largely related to the unknown
characteristics of future network and computer viruses. For example, future viruses could
move from largely Internet email to another Internet-related vector or use multiple

6/3/2002                                                                                    3
vectors. This change could occur as the information technology industry generally
acknowledges the growing complexity of the more recently released computer viruses.
Under such circumstances, the email anti-virus solution will mitigate only a portion of the
virus-caused data corruption and/or loss of productivity.

An additional risk is related to the anti-virus vendor hardware recommendations that have
been incorporated into this proposal. Should the recommendations be insufficient for the
high volume of campus email, hardware costs could exceed the projected $20,000 and
result in higher hardware and labor expenses and a delayed implementation schedule.

Project Constraints and Dependencies
This project is dependent on the availability of $158,000 to fund software and hardware
costs and labor for implementation, support and project management activities.

   •   One-Time Expenses - $198,000
          o $60,000 hardware
          o $130,000 software
          o $8,000 Implementation labor
   •   Recurring Expenses - $35,000
          o Recurring annual maintenance fee for campus-wide AV license ($18,000)
          o Recurring annual replacement costs for additional CPU hardware
          o Recurring annual labor costs ($2,000)

6/3/2002                                                                                  4
Financial Analysis

     One-Time Costs/Benefits

     One-Time Costs:                               Total
     Hardware                                        60000
     Software                                       130000
     Labor                                            8000

     Total One-Time Costs                         $ 198,000

     Annual Cost/Benefits

     Annual Costs                                  Total
     Hardware - Replacement                          15000
     Software Maintenance                            18000
     Labor                                            2000

     Total Annual Costs                             $35,000

While the quantitative value of the organizational benefits gained from the use of anti-
virus software at the email server level is substantial, the actual dollar value is difficult to
predict. The ease of transmission, system damage caused by a computer virus and the
annual number of virus outbreaks will influence the organizational costs imposed by the
virus infection. Nonetheless, it is generally acknowledged that each computer virus
outbreak requires IET, department unit staff or an end-user to research the virus
characteristics, identify the virus, attempt virus removal and restore the infected computer
host. In many cases, a broad campus computer infection will result in multiple sources of
labor combating the same virus. The use of email anti-virus programs will reduce these
direct labor costs. Implementation of anti-virus software for the campus email systems
will enable the real-time detection and removal of known viruses. Thus, technical labor
is reduced to responding to largely new viruses that are waiting for detection updates
from the anti-virus software vendors.

Indirectly, the use of email anti-virus programs will lead to greater system availability
and integrity, greater end-user productivity, reduce opportunity costs for technical staff,
reduce operational costs to those external recipients of previously infected data from

6/3/2002                                                                                      5
campus sources and reduce campus liability for possible damages caused by campus
originated computer viruses.

6/3/2002                                                                           6

To top