×

Antivirus Policy

Scope

This policy covers all computers that connect to the Loyola network.

Purpose

Antivirus software helps protect computers from malicious code. Requiring antivirus software on certain operating systems will improve the overall security of Loyola’s network.

Policy

Use of antivirus software - All computers using the Loyola network may be required to use antivirus software depending on their operating system. These requirements are detailed in the appendix. If a computer is required to use antivirus software, that software must be configured to automatically install updates to both the antivirus software and the virus definitions.

Failure to use appropriately configured antivirus software may result in loss of access to the Loyola network. 

Exceptions

Exceptions to this policy will be handled in accordance with the ITS Security Policy.

Review

This policy will be maintained in accordance with the ITS Security Policy.

Emergencies

In emergency cases, actions may be taken by the Incident Response Team in accordance with the procedures in the ITS Incident Response Handbook. These actions may include rendering systems inaccessible. 

Appendix

Servers

Windows – Any server running a Windows operating system is required to have Windows Defender running. Windows Defender must be configured to automatically update daily.

Linux – Any server running a Linux operating system is not required to have an antivirus program running.

Mac – Any server running a Macintosh operating system is required to have an antivirus program running.

Other – The Information Security Team will determine if a server running an operating system not listed above is required to have an antivirus program running.

Workstations, laptops, and other personal computers

Windows – Any personal computer running a Windows operating system is required to have an antivirus program running. The antivirus program must be configured to automatically update daily. If it is a Loyola computer supported by Law School Computing Services, the antivirus program must be Command Antivirus. If it is a Loyola computer supported by any other group, the antivirus program must be Windows Defender.

Linux – Any personal computer running a Linux operating system is not required to have an antivirus program running.

Mac – Any personal computer running a Macintosh operating system is required to have an antivirus program running.

Other – The Information Security Team will determine if a personal computer running an operating system not listed above is required to have an antivirus program running.

Reference

History

  • September 5, 2008: Initial Policy
  • June 24, 2015: Annual Review for PCI Compliance
  • June 6, 2016: Added reference, Annual Review for PCI Compliance
  • June 5, 2017: Annual Review for PCI Compliance
  • May 3, 2018: Replaced Avast with Windows Defender, annual review for PCI Compliance
  • July 16, 2019: Annual Review for PCI Compliance
  • August 6, 2020: Annual Review for PCI Compliance
  • August 5, 2021: Annual Review for PCI Compliance
  • October 21, 2021: Modification to approved antivirus for other groups

Author: UISO
Version: 2.1

Scope

This policy covers all computers that connect to the Loyola network.

Purpose

Antivirus software helps protect computers from malicious code. Requiring antivirus software on certain operating systems will improve the overall security of Loyola’s network.

Policy

Use of antivirus software - All computers using the Loyola network may be required to use antivirus software depending on their operating system. These requirements are detailed in the appendix. If a computer is required to use antivirus software, that software must be configured to automatically install updates to both the antivirus software and the virus definitions.

Failure to use appropriately configured antivirus software may result in loss of access to the Loyola network. 

Exceptions

Exceptions to this policy will be handled in accordance with the ITS Security Policy.

Review

This policy will be maintained in accordance with the ITS Security Policy.

Emergencies

In emergency cases, actions may be taken by the Incident Response Team in accordance with the procedures in the ITS Incident Response Handbook. These actions may include rendering systems inaccessible. 

Appendix

Servers

Windows – Any server running a Windows operating system is required to have Windows Defender running. Windows Defender must be configured to automatically update daily.

Linux – Any server running a Linux operating system is not required to have an antivirus program running.

Mac – Any server running a Macintosh operating system is required to have an antivirus program running.

Other – The Information Security Team will determine if a server running an operating system not listed above is required to have an antivirus program running.

Workstations, laptops, and other personal computers

Windows – Any personal computer running a Windows operating system is required to have an antivirus program running. The antivirus program must be configured to automatically update daily. If it is a Loyola computer supported by Law School Computing Services, the antivirus program must be Command Antivirus. If it is a Loyola computer supported by any other group, the antivirus program must be Windows Defender.

Linux – Any personal computer running a Linux operating system is not required to have an antivirus program running.

Mac – Any personal computer running a Macintosh operating system is required to have an antivirus program running.

Other – The Information Security Team will determine if a personal computer running an operating system not listed above is required to have an antivirus program running.

Reference

History

  • September 5, 2008: Initial Policy
  • June 24, 2015: Annual Review for PCI Compliance
  • June 6, 2016: Added reference, Annual Review for PCI Compliance
  • June 5, 2017: Annual Review for PCI Compliance
  • May 3, 2018: Replaced Avast with Windows Defender, annual review for PCI Compliance
  • July 16, 2019: Annual Review for PCI Compliance
  • August 6, 2020: Annual Review for PCI Compliance
  • August 5, 2021: Annual Review for PCI Compliance
  • October 21, 2021: Modification to approved antivirus for other groups

Author: UISO
Version: 2.1