Virus Protection and Management policy

This policy applies mainly to systems administrators and technical support staff, but is also relevant to anyone else who has a responsibility for preventing the introduction of viruses to the University network.

The numbers in brackets refer to the section in the full policy, which is available as a PDF

Policy Requirements

  • The University will deploy, operate and maintain up-to-date effective anti-virus software on all computer systems that are liable to attack from malicious software (2.1).
  • ISS will make anti-virus software upgrades and definition files available as and when they are received from the vendor(s) and all (Microsoft Windows) PCs are to be updated at the first opportunity when these become available (2.1).
  • Only authorised staff may deploy anti-virus software on University-owned computers that are attached to the network and care must be taken to ensure that this does cause adverse affect or impact system performance (2.1).
  • Virus protection of computers that are not network connected must also be maintained (2.1).
  • Users of laptop computers are to be given instruction regarding the maintenance of virus protection software whilst working away from the University, and equipment is to be checked for currency of virus protection by IT/computer support staff on return, prior to being connected to the network (2.1).
  • Privately-owned computers that are authorised to attach to the University network are required to have up to date anti-virus software installed. Responsibility for installing and maintaining the currency of such software rests with the respective computer owners (2.1).
  • Automatic anti-virus software updates will be provided centrally by ISS to faculties, school and departments wishing to utilise the automatic update facility (2.2).
  • The currency of anti-virus software is to be verified periodically and remedial action taken where the automated update deployment mechanism has failed (2.2).
  • Computer support staff updating anti-virus software under their own arrangements must be able to demonstrate that they have an effective alternative facility in place and must use a mechanism that will complete rollout in same time as the automated deployment facility (2.2).
  • The Residential Network and Wireless Local Area Network (WLAN) will remain isolated from the campus network to prevent proliferation of virus infection from student machines which may not be adequately protected (2.2).
  • All incoming email must be routed through the University's core mail servers or via departmental mail servers with the equivalent level of virus scanning as the core mail servers. E-mail attachments that could constitute a risk of virus introduction will be blocked (2.2).
  • ISS will monitor email traffic for signs of virus contamination and mail servers that are found to be routinely passing infected emails will be blocked form the network (2.2).
  • Computer support staff who discover virus contamination of any of their computers are required to notify the IT Security Co-ordinator (2.2).
  • Users will be alerted via email or other means where specific virus threats emerge that could have an impact on University systems (2.2).
  • .zip email attachments are not blocked but as soon as the University becomes aware of a new virus spreading this way a temporary delay on the receipt of .zip attachments will be imposed pending receipt of updated anti-virus software (2.3.1).
  • If the authenticity and legitimacy of an email bearing an attachment cannot be verified you must delete the email without opening the attachment (2.3.1). 
  • If a home computer is virus infected, or is suspected of being virus infected, it is not to be connected either physically or remotely to the University without first being verified as being free from contamination (2.3.2).
  • Anyone who brings any removable medium into the University which has been used on a home computer that is believed to be virus infected is to have it scanned on an isolated machine before loading it or connecting it to a network connected computer (2.3.2).
  • ISS will maintain procedures and co-ordinate activities for managing and reducing the impact in the event of a virus outbreak and will periodically scan computers attached to the network to identify machines that are potentially contaminated. Machines that are identified as being contaminated are to be cleaned and anti-virus software brought up to date. Network access may be blocked by ISS where this remedial action is not promptly taken (2.4).
  • In the event of a major virus outbreak ISS will endeavour to inform computer support staff and users (2.4).
  • Anyone who believes or suspects that their computer has been infected with a virus is to immediately disconnect it from the network report it as soon as possible (2.5).
  • Virus infected computers are to be clearly labelled and remain isolated from the network until it is confirmed that they can be reconnected (2.5).
  • Any removable medium that was being used on the computer at the time of the suspected contamination, or immediately prior, is to be made available for investigation (2.5).