Antivirus Policy
Scope
This policy covers all computers that connect to the Loyola network.
Purpose
Antivirus software helps protect computers from malicious code. Requiring antivirus software on certain operating systems will improve the overall security of Loyola’s network.
Policy
Use of antivirus software - All computers using the Loyola network may be required to use antivirus software depending on their operating system. These requirements are detailed in the appendix. If a computer is required to use antivirus software, that software must be configured to automatically install updates to both the antivirus software and the virus definitions.
Failure to use appropriately configured antivirus software may result in loss of access to the Loyola network.
Exceptions
Exceptions to this policy will be handled in accordance with the ITS Security Policy.
Review
This policy will be maintained in accordance with the ITS Security Policy.
Emergencies
In emergency cases, actions may be taken by the Incident Response Team in accordance with the procedures in the ITS Incident Response Handbook. These actions may include rendering systems inaccessible.
Appendix
Servers
Windows – Any server running a Windows operating system is required to have Windows Defender running. Windows Defender must be configured to automatically update daily.
Linux – Any server running a Linux operating system is not required to have an antivirus program running.
Mac – Any server running a Macintosh operating system is required to have an antivirus program running.
Other – The Information Security Team will determine if a server running an operating system not listed above is required to have an antivirus program running.
Workstations, laptops, and other personal computers
Windows – Any personal computer running a Windows operating system is required to have an antivirus program running. The antivirus program must be configured to automatically update daily. If it is a Loyola computer supported by Law School Computing Services, the antivirus program must be Command Antivirus. If it is a Loyola computer supported by any other group, the antivirus program must be Windows Defender.
Linux – Any personal computer running a Linux operating system is not required to have an antivirus program running.
Mac – Any personal computer running a Macintosh operating system is required to have an antivirus program running.
Other – The Information Security Team will determine if a personal computer running an operating system not listed above is required to have an antivirus program running.
Reference
History
- September 5, 2008: Initial Policy
- June 24, 2015: Annual Review for PCI Compliance
- June 6, 2016: Added reference, Annual Review for PCI Compliance
- June 5, 2017: Annual Review for PCI Compliance
- May 3, 2018: Replaced Avast with Windows Defender, annual review for PCI Compliance
- July 16, 2019: Annual Review for PCI Compliance
- August 6, 2020: Annual Review for PCI Compliance
- August 5, 2021: Annual Review for PCI Compliance
- October 21, 2021: Modification to approved antivirus for other groups
Author: UISO
Version: 2.1
Scope
This policy covers all computers that connect to the Loyola network.
Purpose
Antivirus software helps protect computers from malicious code. Requiring antivirus software on certain operating systems will improve the overall security of Loyola’s network.
Policy
Use of antivirus software - All computers using the Loyola network may be required to use antivirus software depending on their operating system. These requirements are detailed in the appendix. If a computer is required to use antivirus software, that software must be configured to automatically install updates to both the antivirus software and the virus definitions.
Failure to use appropriately configured antivirus software may result in loss of access to the Loyola network.
Exceptions
Exceptions to this policy will be handled in accordance with the ITS Security Policy.
Review
This policy will be maintained in accordance with the ITS Security Policy.
Emergencies
In emergency cases, actions may be taken by the Incident Response Team in accordance with the procedures in the ITS Incident Response Handbook. These actions may include rendering systems inaccessible.
Appendix
Servers
Windows – Any server running a Windows operating system is required to have Windows Defender running. Windows Defender must be configured to automatically update daily.
Linux – Any server running a Linux operating system is not required to have an antivirus program running.
Mac – Any server running a Macintosh operating system is required to have an antivirus program running.
Other – The Information Security Team will determine if a server running an operating system not listed above is required to have an antivirus program running.
Workstations, laptops, and other personal computers
Windows – Any personal computer running a Windows operating system is required to have an antivirus program running. The antivirus program must be configured to automatically update daily. If it is a Loyola computer supported by Law School Computing Services, the antivirus program must be Command Antivirus. If it is a Loyola computer supported by any other group, the antivirus program must be Windows Defender.
Linux – Any personal computer running a Linux operating system is not required to have an antivirus program running.
Mac – Any personal computer running a Macintosh operating system is required to have an antivirus program running.
Other – The Information Security Team will determine if a personal computer running an operating system not listed above is required to have an antivirus program running.
Reference
History
- September 5, 2008: Initial Policy
- June 24, 2015: Annual Review for PCI Compliance
- June 6, 2016: Added reference, Annual Review for PCI Compliance
- June 5, 2017: Annual Review for PCI Compliance
- May 3, 2018: Replaced Avast with Windows Defender, annual review for PCI Compliance
- July 16, 2019: Annual Review for PCI Compliance
- August 6, 2020: Annual Review for PCI Compliance
- August 5, 2021: Annual Review for PCI Compliance
- October 21, 2021: Modification to approved antivirus for other groups
Author: UISO
Version: 2.1