The Analysis of the Security Policy - Assignment Example

Policy Paper Security policy for antivirus, spyware and adware for a medium-sized organization Introduction Antivirus, spyware, andadware are categories of malware. Malwares refer to types of software whose installation into a computer leads to the performance of undesired tasks. The intension for using malwares is often for the benefit of a third party. There are many malware programs, which include those that cause simple annoyances and those with the ability to cause serious computer damage through their invasion. Some of the serious damages and loses that could happen to a computer due to antivirus, spyware, and adware invasion include data loss, sharing of passwords and malfunctioning of the computer. In addition, certain malware programs are meant to transfer information regarding website activities to third parties (Vacca, 2013). Overview The security policy addresses antivirus, spyware, and adware in a medium-sized organization. If defines the handling of computer gadgets in the organization including how regularly computer software maintenance is expected to be performed, the manner in which computer updates are conducted, the type of programs to be installed and used on computers. The policy also defines the means by which prevention and removal of malware programs from computers is done (Aycock, 2011). It also denotes the types of files attachments to be blocked at the mail server, anti-virus and anti-spyware programs to be run on the server. The policy also specifies whether the use an anti-spam firewall is acceptable in order to offer additional security measures to the mail server (Aycock, 2011). It also specifies the manner in which files should be availed to the trusted sites and the examination process to determine unwanted or hostile content. A virus has the ability to replicate and distribute to other programs in the computer (Aycock, 2011). It also causes damage by using up computer memory, reformatting the hard disk and deleting files. A spyware automatically gathers information from a computer and online activities and transfers it to other interested parties. Adware is financially supported or that which offers financial support to a different program through the display of ads when a computer is connected to the internet (Aycock, 2011). Purpose This security policy is designed with the aim of ensuring protection of the organizational resources against interference of intrusion by viruses, spyware, adware and other malware. Scope This policy is applicable to all computers and servers that are connected or associated with the organization network through wireless connections, standard network connections, virtual private network connections or modem connections. The policy explicitly includes computers owned by the organization, individuals or sharing the organization’s network. The computer definition in this policy includes laptop computers, desktop workstations, handheld computing gadgets and servers (Vacca, 2013). Policy statements Antivirus All servers, computer devices belonging to the organization are expected to have an installed antivirus application that is capable of providing real-time scanning and protection for applications and files. It is important for the targeted systems to comply with the following requirements (Aycock, 2011): The availability of remote access capability to non-administrative users A file server is possessed by the system Microsoft Share accessibility is possible to this server through systems accessed by non-administrative users HTTP/FTP access is accessible from the internet Applications/Protocols can access this system from the Internet by the organization’s security administrator Availability of outbound web access from the system The organization is expected to use single antivirus software for protection as specified by the organizations security administrator. The minimum requirements, which should be enforced within the organization, are: The antivirus software shall be in operation in real time on all computer devices and servers within the organization. The antivirus shall also be configured in order to offer protection on a real time basis. The antivirus definition shall undergo updates at least on a single occasion in a day. Antivirus scanning to the servers and computer appliances within the organization shall be performed at least once per week. No one is allowed to stop antivirus updates process and antivirus scans process except the domain administrators. All servers and computer appliances within the organization and belonging to the organization shall have an antivirus application installed that provides protection. The antivirus shall be used to scan files and applications used in computer systems. Antispyware All servers and computer devices within the organization and belonging to the organization should have an installed antispyware application that is capable of providing real-time scanning and protection to applications and files running on the targeted systems if they meet the following (Vacca, 2014): Any system where non-administrative or non-technical users enjoy remote accessibility to the system and other outbound accessibility is allowed to the internet Any system where non-administrative or non-technical users can do the installation of the program on their own Notable exception to the above antispyware security standard will be granted with documentation and minimal resistance if one of the following notable situations is experienced by this system: The system uses a SQL server The system is meant for use in handling dedicated mail servers The system does not use a platform based on Windows Adware The security policy covers other potential malware threats and issues including those associated with adware. It grants the security administrator in consultation with thee management the responsibility to determine the techniques and approaches to be used in the removal and prevention of aware. The may make specifications concerning the features and qualities of acceptable removal and prevention software (Aycock, 2011). If the antivirus or antispyware product acquired by the organization has the capability of handling other malwares such as adware, then the security administration team in consultation with the management team shall state its standards and compliance requirements. Security tools Suggested security tools for maintaining a company that is free from malware infestations include the following (Vacca, 2014): 1. Network-based web content filtering The tool and process is effective because it is instrumental in preventing web-based malware. 2. Network based spam filtering The tool acts in an efficient manner in order prevent known e-mail-based spyware that tries to infects hosts and cause alterations to critical files 3. Network-based intrusion prevention The tool performs a critical role because it prevents major known malware that try to access monitored networks. It is also effective in preventing worms. 4. Spyware detection and removal utility The tool is effective in detecting and removing known spyware that could be infectious to hosts such as such as servers and workstations. 5. Host-based antivirus software The tool plays an effective role in stopping the operation of known malware trying to infest hosts such as servers and workstations. 6. Network-based antivirus software The tool plays a noteworthy role in stopping various types of malware that try to go through monitored networks such internet firewall. Set up a schedule Activity Description Time Updates Ensure the server and the computer appliances belonging to the company are running and operating on latest and updated programs and applications. This will enhance security measures and seal channels that propagate against malware infestation. Regularly Maintenance Regular and proper maintenance of the appliances and systems should be performed in order to have a company free from malware infestations. This will ensure smooth operation of other security measures. Regularly Checking authenticity The programs, applications and other software used on the company’s computer gadgets and systems should only be authentic from genuine from reputable manufacturer and not counterfeit. This will avoid or reduce chances of attack by malware. During installation References Aycock, J. D. (2011). Spyware and adware. New York: Springer. Vacca, J. R. (2013). Computer and information security handbook. Amsterdam: Morgan Kaufmann Publishers is an imprint of Elsevier. Vacca, J. R. (2014). Network and system security. Amsterdam: Syngress. Read More