Antivirus Procedure
Document ID : Antivirus Procedure ver2_00
Created on : 29, 2021
Prepared By : Shaik
Approved By : Soundarrajan
1. Scope
This procedure applies to all Information Processing facilities across all locations of Information Dynamics.
2. Inputs
• Security Incident
• Virus alert
3. Responsibility
Manager – IT Infrastructure
Responsible for executing and implementing the procedures across Information Dynamics
Approval of the Policies and Monitoring the Implementation of the across the organisation
4. Definitions/Acronyms
Head of IT Infrastructure
Mobile code
"Mobile Code" is code sourced from remote, possibly "un-trusted" systems, but executed on your system. Examples include web applets and dynamic email.
The concept of "mobile code" has been called by many names: mobile agents, mobile code, downloadable code, executable content, active capsules, remote code, and others. All deal with the local execution of remotely sourced code.
Examples of mobile code include:
Web Applets
Mini-programs written in Java, which are automatically loaded & run on being named in an HTML document. A document can include a number of applets, and these may be sourced from a number of different servers and run virtually without the user being aware of them.
6.1. Antivirus Configuration and Deployment
6.1.1. Desktop and Server Level
The Trend Micro solution should be configured to do the following:
• Scan files, including compressed files up to 4 levels, using the modules given below.
o System Scan. This module looks for viruses in any file that the computer reads from or writes to the hard disk or any floppy disk in the drive. It runs continuously in the background to give a first line of anti-virus defense. Scan all files, including compressed files.
o E-Mail Scan. This module looks for viruses carried in e-mail attachments that arrive from the corporate email system or from the Internet.
o Download Scan. This module looks for viruses in files you download from the Internet, including attachments that arrive via mail.
o Internet Filter. This module blocks hostile Java and ActiveX objects from damaging your system, and also keeps your browser from visiting potentially dangerous Internet sites. Java and ActiveX objects are enabled as per project requirements.
• the detected automatically.
• the file to folder if unable to clean.
• Follow the Incident Handling Procedure in case of virus not being cleaned and any new virus breakout.
• Automatic antivirus pattern update should be configured in the application.
The Adaptive Security Appliances solution should be configured at the entry point of the network to do the following:
• All incoming and outgoing mails will be checked and cleaned if malicious is found.
• Sonicwall Gateway Anti-Virus is deployed to provide a comprehensive malware protection solution against spyware, viruses, spam, and content with integrated URL and content filtering.
• Maintain virus logs on the critical servers for 15 days to keep track of virus activity. Logs should also be reviewed periodically. On encountering the virus, the detailed log should be submitted to ISM.
• All virus incidents should be reported by users to ISM/IT/Help Desk.
• Any critical virus / events handled in previous months logs shall be generated as and reviewed in the Security Forum meetings
• Any virus outbreak shall be controlled through the incident management procedure.
The following will be performed to ensure a virus-free environment wherever applicable
• All HTTP traffic will be checked for presence of malicious code or mobile code. If so, the traffic the corresponding website be blocked
The Manager – IT will be responsible for implementing and executing the procedures mentioned in this document. The execution will be monitored and reviewed by the Chief Information Security Officer.
8. Outputs
• Virus free documents / system
9. Reference Documents
• Communication and Operations Management Policy