9.5: Virus Protection
9.5 Virus Protection
INFOSEC Best Practice #100
Use a virus scanner on every computer.
There are approximately 100 new viruses created every month. If you exchange files with other users or are connected to the internet, then you are susceptible to viruses. Even software officially distributed by vendors has been known to contain viruses. Since viruses can immobilize your computer and your productivity, destroy files on your system, and even damage the hardware on your system; it is imperative that virus protection be deployed on every computer. Viruses often create unusual, hard to duplicate symptoms that are different to diagnose. The user often does NOT guess that the cause may be a virus because the symptoms appear as if there may be a bug in the program or that the user is doing something wrong. Countless hours are lost trying to fix the problem or work around it. The best protection is to immunize the system with a virus scanner.
Each server must have virus-scanning software that scans any files from external sources. Anti-virus software must scan all incoming IP traffic from the internet, including incoming email and have support to scan some of the more common word processing files and macros. Also, if the server is used to backup any remote machines, the backup software should have a built in anti-virus scanner to scan files before being backed up. A backup report should note if viruses were found.
INFOSEC Best Practice #101
Perform virus scanning of all IP packets...