计算机端点防护

1. 目的

This policy is designed to help prevent infection of 十大彩票网投平台 (USA) computers and computer systems by computer viruses and other malicious code. This policy is intended to help prevent damage to user applications, data, files, and hardware.

2. 适用性

This policy applies to all University General Division departments that deploy, 赞助商, 管理, 或者利用工作站, 笔记本电脑, 或其他计算机设备s on the USA network or in a commercial cloud. This policy also applies to all employees and faculty of USA; as well as vendors, 承包商, 合作伙伴, collaborators and any others doing business or research with USA. 其他当事人, 使用, 工作, or provide services involving USA computers and technology systems will also be subject to the provisions of this policy. Every user of USA computer resources is expected to know and follow this policy. This policy does not cover student owned computer devices.

3. 定义

计算机设备: Any type of device connected to a network that may become compromised by malicious software. 计算机设备的例子有, 但不限于, 工作站, 服务器, 笔记本电脑, 平板电脑, 智能手机, 或者其他智能设备.

恶意软件: Any type of computer code that comprises a computer device and performs a malicious action. This is sometimes perpetrated by computer viruses, worms, trojans,etc.

防病毒或防恶意软件软件: Runs on a computer device and monitors for malicious software or connections. 这种软件通常是反应性的, meaning a signature file must be developed for each new malware variant discovered and these files must be sent to the software in order for the software to find the malicious code.

病毒定义文件: Periodic files provided by vendors to update the anti-virus software to recognize and deal with newly discovered malicious software.

4. 政策指导方针

All 十大彩票网投平台 owned desktop and laptop computers connected to the USA network or networked resources must have anti-virus software installed, 附下列规定:

A licensed anti-virus software currently supported by the Computer Services Center must be utilized;
The licensed anti-virus software utilized must be the most current version available and supported by the manufacturer.

Public (internet) facing 服务器 must have anti virus/malware software installed. If the server cannot have anti-virus/malware software installed, see “Exceptions” in 程序. Other computer devices may be exempted from this requirement as noted in the 程序 section.

5. 程序

Anti-virus/malware software must be installed and configured in a way that allows for consistent, 可重复的, and up to date protection of the computer device and data. The procedures below describe the minimum steps needed to allow for this protection and exceptions to the policy.

防病毒/恶意软件必须处于激活状态, must be scheduled to perform virus checks at regular intervals or when a file is introduced to the system, and must have its virus definition and all other associated software files kept current;
No user shall disable or tamper with the configuration of anti-virus software installed on their respective computer;
Employees who allow non-USA employees to attach 工作站 (desktops or 笔记本电脑) to the USA network are responsible for ensuring that those 工作站 are running anti-virus software and that a current virus signature is installed;
员工连接个人或美国拥有的工作站, 或其他计算机设备, to the USA network are responsible for ensuring that the workstation/device is running anti-virus/malware software and that a current virus signature is installed.

在下列情况下，本政策可能允许例外:

The computer device cannot have anti-virus/malware software installed. Possible examples of this would be 服务器 not configured as client systems, 供应商控制系统, or devices where anti-virus software has not yet been developed. 在这些情况下, 系统管理员必须制定计划, 比如采用补偿控制, to protect the device from infection before connection to the USA network;
虚拟机客户端是非持久化的;
The infected computer device is discovered that performs a critical function and may not be immediately taken “off-line” without seriously impairing some business function. 在这种情况下, a plan will be developed to allow the computer device to be taken off-line and the infection purged while protecting the function of the device.

If deemed necessary to prevent propagation to other networked devices or detrimental effects to the network or data, an infected computer device may be disconnected from the network until the infection has been removed. This will be done under the direction of the Computer Services Center, the technology coordinator or computer support specialist in conjunction with the affected personnel and the USA Information Security Office.

6. 执行

All departments and units are required to follow and implement this policy. Failure to do so will result in an unacceptable risk to the University and the computer device being disconnected from the network.