Antivirus Procedure
Document ID : Antivirus Procedure ver1_00
Created on : 29, 2020
Prepared By : Shaik
Approved By : Soundarrajan
 Antivirus Procedure 
Internal 2 of 5
1. Scope
This procedure applies to all Information Processing facilities across all locations of Information Dynamics.
2. Inputs
Security Incident 
Virus alert
3. Responsibility

Roles | Responsibilities
Manager IT Infrastructure | Responsible for executing and implementing the procedures across Information Dynamics
ISM | Approval of the Policies and Monitoring the Implementation of the across the organisation
4. Definitions/Acronyms
Manager | Head of IT Infrastructure
ISM | Security Manager
5. General Information
Mobile code 
"Mobile Code" is code sourced from remote, possibly "un-trusted" systems, but executed on your system. Examples include: web applets, dynamic email.
The concept of "mobile code" has been called by many names: mobile agents, mobile code, downloadable code, executable content, active capsules, remote code, and others. All deal with the local execution of remotely sourced code.
Examples of mobile code include: 
Web Applets 
Mini-programs written in Java, which are automatically loaded & run on being named in an HTML document. A document can include a number of applets, and these may be sourced from a number of different servers and run virtually without the user being aware of them.
6. Procedure
6.1. Antivirus Configuration and Deployment
6.1.1. Desktop and Server Level
The Trend Micro solution should be configured to do the following:
Scan for files including compressed files up to 4 levels given below.
o System Scan. This module looks for viruses in any file that the computer reads from or writes to the hard disk or any floppy disk in the drive. It runs continuously in the background to give a first line of anti-virus defense. Scan for all files compressed files.
o E-Mail Scan. This module looks for viruses carried in e-mail attachments that arrive from the corporate email system or from the Internet.
o Download Scan. This module looks for viruses in files you download from the Internet, including attachments that arrive via mail.
o Internet Filter. This module blocks hostile Java and ActiveX objects from damaging your system, and also keeps your browser from visiting potentially dangerous Internet sites. Java and ActiveX objects are enabled as per project requirements.
the detected automatically.
the file to folder if unable to clean.
Follow the Incident Handling Procedure in case of virus not being cleaned and any new virus outbreak.
Automatic antivirus pattern update should be configured in the application.
6.1.2. Gateway Level
The Adaptive Security Appliances solution should be configured at the entry point of the network to do the following:
All incoming and outgoing mails will be checked and cleaned if malicious is found.
Sonicwall Gateway Anti-Virus is deployed to provide a comprehensive malware protection solution against spyware, viruses, spam, and content with integrated URL and content filtering.
6.1.3. Management
Maintain virus logs on the critical servers for 15 days to keep track of virus activity. Logs should also be reviewed periodically. On encountering the virus, the detailed log should be submitted to ISM.
All virus incidents should be reported by users to ISM/IT/Help Desk.
Any critical virus / events handled in previous months logs shall be generated as and reviewed in the Security Forum meetings.
Any virus outbreak shall be controlled through the incident management procedure.
6.1.4. URL Filtering
The following will be performed to ensure a virus-free environment wherever applicable:
All HTTP traffic will be checked for presence of malicious code or mobile code. If so, the traffic the corresponding website be blocked
7. Executive Owner
The Manager IT will be responsible for implementing and executing the procedures mentioned in this document. The execution will be monitored and reviewed by the Chief Information Security Officer.
8. Outputs
Virus free documents / system
9. Reference Documents
Communication and Operations Management Policy