University IT resources must have a current version of an anti-virus/malware software (or virus filtering software). To protect against the spread of viruses on University computers and reduce institutional risk, the University recommends a "two-tier" virus/malware protection standard. Two-tier protection means that software is used on both the desktop and server.
When selecting an anti-virus/malware software solution, verify that the software meets or exceeds the requirements in the standard.
The unit or individual directly responsible for the data or system must ensure that the system has the appropriate anti-virus/malware software, configuration, and anti-virus/malware audit logs.
See the Information Security policy appendices for additional information security standards that also apply.
This standard is based on the principles of ISO/IEC 27002:2013.