ANTIVIRUS POLICY
|
Document Identification |
HSNZ/POL/14 |
|
|
Document Name |
Antivirus Policy |
|
|
Master Copy |
CISO |
|
|
Version Number |
1.3 |
|
|
Date Of Release |
15 Aug 2023 |
|
|
Prepared By |
Eparama Tuibenau |
CISO |
|
Approved by |
Kevin McAfee |
Managing Director |
VERSION HISTORY
|
Sl No |
Version No. |
Prepared by |
Approved by |
Description of Version |
Date |
Reason for Version Change |
|
|
From |
To |
||||||
|
1 |
1.0 |
- |
CISO |
MD |
First Release |
14 Apr 2020 |
No changes made |
|
1 |
1.0 |
1.1 |
CISO |
MD |
Updated |
26 Jun 2021 |
Modifications due to changes in HealthSafe |
|
1 |
1.1 |
1.2 |
CISO |
MD |
Reviewed |
28 Jul 2022 |
Annual review |
|
1 |
1.2 |
1.3 |
CISO |
MD |
Reviewed |
15 Aug 2023 |
Annual review |
DOCUMENT STATUS
|
Date |
Document Status |
|
14 Apr 2020 |
Modified |
|
26 Jun 2021 |
Reviewed |
|
28 Jul 2022 |
Reviewed |
|
15 Aug 2023 |
Current |
Table of Contents
1 Purpose
2 Scope
3 Input
4 Output
5 Interacting Process
6 Abbreviations, Acronyms and Definitions
7 Procedure
8 Monitoring the Process
9 Records
- PURPOSE
The purpose of this document is to establish and maintain a policy for antivirus protection for HealthSafe Employee and Contractor resources. - SCOPE
These procedures apply to all aspects of anti-virus across all HealthSafe Employees and Contractors.
3 ABBREVIATIONS, ACRONYMS AND DEFINITIONS
|
Abbreviation |
Description |
|
FH |
Functional Head |
|
IT |
Information Technology Department |
|
TL/PM |
Team Lead / Project Manager |
|
CISO |
Chief Information Security Officer |
4 INPUT
All desktops, laptops and servers
5 OUTPUT
A virus-free network traffic and protected laptops/computers and production server environments
6 INTERACTING PROCESS
All users
7 PROCEDURE
- The cyber protection product is configured for real-time protection for the server and regular device checks with CleanMyMac or CleanMyPC
- CleanMyMac or CleanMyPC are to be configured on all work laptops
- Server protection are run by both AWS Security Hub as well as third-party protection from D-Dos attacks to malware detection and removal etc.
- Anti-virus, malware, and general recommendation scans shall be done once a week on all workstations by the individual employees.
- The default action once the virus/malware is discovered is to remove the virus/malware failing which the second action would be to delete the affected file.
- CleanMyMac and CleanMyPC licenses are renewed on an annual basis and are issued to the all Employees and Contractors. All new team members start with a new laptop or computer with the antivirus software installed.
8 MONITORING THE PROCESS
- The IT team will monitor the antivirus server console for any false positives via Slack notifications and AWS Security Hub
9 RECORDS
- AWS Security Hub
- BitNinja
- Slack
- Individual virus detection software