Status: TDX Submitted Draft
Last Revision Date: 22 March 2022
Statement of Purpose
Clackamas Community College employs a Defense in Depth strategy to prevent the intrusion and activation of malicious software (malware). Malware can take various forms, requiring different prevention techniques and technologies. This policy ensures the protection of the college, students, faculty, and staff from the adverse effects of malware infection.
Policy Summary
All Clackamas Community College Information Technology Services (ITS) resources that are potentially vulnerable to viruses or other malware, whether managed by employees or third parties, must be protected by approved anti-malware software.
Policy
-
The Chief Information Security Officer (CISO) shall approve anti-malware software for use on all applicable ITS resources.
-
Anti-malware software shall be configured to:
-
Receive automatic updates.
-
Perform periodic scans.
-
Log security events.
-
Record events to a centralized repository, such as a Security Information and Event Management (SIEM) system.
-
Anti-malware products will be centrally managed, preventing non-administrators from making changes.
-
Anti-malware signatures must be updated automatically at least once per day.
-
Systems running Clackamas Community College anti-malware software shall alert the information security team in real time upon detecting a virus.
-
Retention of anti-malware logs shall comply with applicable laws, regulations, or as outlined in Policy 104.
-
Non-persistent desktops (such as VMware Horizon instant clones and lab computers protected by Smart Shield software) must have anti-malware software installed.
Exemptions
None.
Exceptions
Exceptions to this policy must be pre-approved in writing by the Chief Information Officer (CIO).
This policy is subject to periodic review to ensure its effectiveness and alignment with evolving cybersecurity threats and best practices.