School of Chemical Sciences University Of Illinois computing@scs.uiuc.edu
   SCS Computing Networking Electronics Staff

SCS AntiVirus Policy

Viruses, worms, and trojan horses are examples of malware, programs that can cause significant damage to department and user resources. They can destroy, alter, or disclose information in a variety of ways, and damage the reputation of the department and of the individuals associated with the department.

  1. Purpose
    The purpose of this policy is to establish a standard for the use of antivirus software on machines affiliated with the department
  2. Scope
    The scope of this policy includes any machine connected to the department network, directly or via dialup or VPN, and any machine used by any member of the department within the context of their association with the department. For example, this includes personal machines used for department work. A campus wide policy is available at http://www.fs.uiuc.edu/cam/cam/viii/viii-1.2.html
  3. Policy
    3.1 General
    1. All machines must have a recent version of a robust antivirus software package, if it is appropriate for their underlying operating system or installed applications. This includes, but is not limited to, Microsoft operating systems, productivity software such as Office, Apple operating systems, or any of the above running in a virtual machine. The determination of appropriateness is at the discretion of the department owning the equipment and their IT staff after consultation with CAN-ES staff.
    2. All machines with antivirus software must have that software enabled at all times, and should be configured to start the software automatically when the machine boots.
    3. All machines with antivirus software must have up-to-date virus signatures, and should be configured to update on at least a daily basis.
    4. All machines with antivirus software should be configured for “on access” scanning, where a file is scanned for viruses before an application is allowed to access the file.
    5. All computers, especially laptops, must be checked by CANS-ES staff before they will be allowed on the SCS network. CANS-ES will install anti-virus software and apply patches at no charge for the initial setup of Windows or Apple computers new to the SCS network. Please call us to discuss your UNIX computers.


    3.2 Guidelines
    The following guidelines can assist you in remaining free of malicious software.
    1. It is considered sufficient to install and use the university licensed antivirus software packages available from the campus software webstore. This software is free for faculty, staff, and students for academic and personal use, as long as the user remains at the university. (Helpful antivirus information for Windows users)
    2. Never open files or macros from suspicious, unknown, or untrustworthy sources.
    3. Never open unexpected files or macros from anyone. If in doubt, contact the sender and verify that the attachment is genuine. As an example, it is inefficient to mass mail an attachment to the entire campus, a link would be posted for download instead.
    4. Never download files from suspicious, unknown, or untrustworthy sources.
    5. If possible, avoid direct disk sharing with read/write access.
    6. Do not use peer-to-peer file sharing networks, and beware of file transfers if using IRC.
    7. Apply all patches, software and security updates as they help to shield your computer from vulnerabilities, viruses, worms, and other threats as they are discovered. Patches and updates may cause conflicts with older PC’s used for specific functions, as in a lab. If a machine cannot be patched, please consult with CANS-ES staff for ways to minimize virus or security threats.
    8. Always scan removable media (e.g. floppies, CDs, ZIP disks) before using, and disable the autoplay feature if your OS supports it.
    9. The department recommends the use of server level antivirus software for all mail servers, whether managed by department IT staff, research groups, or individuals.


  4. Enforcement
    Anyone found to have violated this policy may be subject to disciplinary action, including but not limited to temporary loss of network connectivity, loss of Internet access, or complete and permanent termination of access to the department network.

    If a computer becomes infected and is subsequently disabled from network access, the PI or department head must be notified before the computer is allowed back onto the SCS network.

    Remediation of infected PC's due to a failure to follow 3.2 Guidelines shall be subject to normal billing rates.
  5. Definitions
    malware
    short for malicious software, includes viruses, worms, trojan horses, etc.