Antivirus and Software Security Policy
Information Technology Services
Information Technology Services
This policy is designed to protect the organizational resources against intrusion by viruses and other malware.
Worcester State reserves the right to monitor the content and traffic patterns and/or electronically screen networking and computing resources, including activity, and traffic originating remotely. Purposes for such monitoring, and/or screening include, but are not limited to, system maintenance, detection, and elimination of contamination, detection and prevention of unauthorized disclosures of Worcester State confidential or proprietary information, detection of unauthorized access to computing and network resources, and determination of compliance with Worcester State policies.
Worcester State reserves the right to intercept and/or quarantine any networking or computing resources that may pose a threat to Worcester State, including, but not limited to, data, messages, network traffic. If such monitoring, screening, interception, and/or quarantine reveal possible evidence of criminal activity, Worcester State may provide the evidence of such monitoring to law enforcement officials.
- Any activities with the intention to create and/or distribute malicious programs into the College's networks (e.g., viruses, worms, Trojan horses, e-mail bombs, etc.) are prohibited
- All Worcester State College computer systems must have current, approved antivirus software installed, properly configured and running at all times (never disabled). The antivirus software must be configured to automatically clean the infected file (remove the virus) or to quarantine the infected file if automatic cleaning is not possible.
- Scans must occur without user intervention, and on systems where this is not possible, users are responsible for initiating the scan on desktop systems, laptop systems and single user workstations.
- Information Technologies is responsible for antivirus administration on the College's servers and network devices. In each case, the user or system administrator is accountable for ensuring that the scans are performed in accordance with this policy.
- Virus-infected computers are removed from the network until they are verified as virus-free.
- When an enterprise-wide virus attack is in progress, Information Technologies shall notify the campus computing community via the best available method and all files on all hard drives should be scanned immediately using the newest virus definitions available.
- Worcester State licenses the computer software it uses from a variety of affiliated and unaffiliated companies. Worcester State does not own this software, but purchases a license in order to be able to use it. Any unauthorized reproduction or copying of such software, whether for business or personal use, is prohibited.
- All software may be used only in accordance with the terms of the license agreement. If you are unsure if any action may violate such a license agreement, request authorization from Information Technologies before proceeding. Misuse of software, equipment, or resources will subject the employee to disciplinary action up to and including termination.
- Enterprise Antivirus software is configured to generate audit logs.
All networked users must be take responsibility to ensure the risks of their desktop system of infecting other systems or shared files on a server are minimized. Despite the best measures, however, systems can still be at risk due to the rapid proliferation of malicious code via email, shared files and other methods. Therefore, in addition to maintaining up to date antivirus software,
- Never open any files or macros attached to an email from an unknown, suspicious or untrustworthy source or if you receive an attachment from someone you know unexpectedly. Delete these attachments immediately
- Delete Spam, chain, and other junk email without forwarding it.
- Never download files from unknown or suspicious sources
- Avoid direct disk sharing with read/write access unless there is absolutely a need to do so.
- Always scan a floppy disk from an unknown source for viruses before using it
- Routinely scan your hard disk for viruses, preferably on a daily basis.
- Never share your WSU network login, never allow other users to utilize a computer you have logged into. You are accountable for issues arising under your login.