This policy is designed to help prevent infection of IST Austria computers, networks, and technology systems by computer viruses and other malicious code. This policy is intended to help prevent damage to user applications, data, files, and hardware.
This policy applies to all users of the IST Austria IT infrastructure, data, or applications; as well as vendors, contractors, partners, collaborators and any others doing business or research with IST Austria that involves access to IST Austria computers, networks and/or technology systems.
- All computer devices which are connected to the IST Austria IT infrastructure or are part of the IT infrastructure shall have anti-virus software installed and configured so that the virus definition files are current, routinely and automatically updated. The anti-virus software must be actively running on these devices.
- All computers owned by the Institute must have the most recent version of anti-virus provided by IST Austria IT installed.
- All Windows PC’s are to be configured such, that they schedule regular operating system updates as provided by the vendor (Windows updates).
- Macintosh systems are to be configured to schedule regular updates from the software manufacturer (Apple security updates).
- Linux systems are to be configured to schedule regular updates from the distribution.
- All files on computer devices will be scanned periodically for viruses.
- If deemed necessary to prevent propagation to other networked devices or detrimental effects to the network or data, an infected computer device may be disconnected from the Institute network until the infection has been removed.
- Exceptions to this policy may be allowed if a computer device cannot have anti-virus software installed. Possible examples of this would be servers under direct control of IST Austria IT, vendor-controlled systems, or devices where anti-virus software has not yet been developed. In these cases, special networks have to be used, which protect such device and remote devices from infection.
- An exception may be granted if an infected computer device is discovered that performs a critical function and may not be immediately taken off-line without seriously impairing some critical business function. Under those circumstances, a plan will be developed to allow the computer device to be taken off-line and the infection purged while protecting the function of the device.
IST Austria IT provides ESET Endpoint Antivirus anti-virus/anti-malware software for IST Austria owned devices free of charge. Please contact email@example.com if you have questions about the software.
For own devices, Microsoft Security Essentials (Microsoft Defender on Windows 10) is available for the Windows environment and ClamXav is available for the MacOS environment. Both are available as free downloads.
Effective Date: 2017-02-01
Last Reviewed: 2020-02-15
Next Review: 2021-02-15
Owner: IST Austria IT
|1.0||February 2017||Initial Version, introduced with new Viruscan (ESET)||Stephan Stadlbauer|
|1.1||October 2017||Version copied to IT page, removed chapter “Document action”|
added Document header.
|1.2||2020-02-13||Removed Enforcement chapter, clarified Scope, minor changes (cosmetic, typos, clarifications) in the policy||Stephan Stadlbauer|
|Roland Gansch||Division Head of SSUs||2020-02-15|
|Stephan Stadlbauer||Head of IT||2017-02-01||OK|