Malware protection
MedStack Confidential
Metadata
- responsible officer: CTO
- approved by: CTO
- date
- effective: 2018-06-20
- revised: 2020-08-05
- reviewed: 2022-08-31
Do not require server-level malware protection on Linux servers
- Linux servers do not require operating-system level anti-malware software
- File upload software should implement malware scanning.
| Code | Section | Title |
|---|---|---|
| SANS | Server Malware Protection Policy | Policy |
Run malware protection on workstations
- Mac OS
- Periodically run appropriate anti-malware software (e.g. Malwarebytes).
- Linux
- Use appropriate anti-malware software.
- Windows
- Use (preferably multiple) industry standard anti-malware software.
- Updates
- Keep malware software and definitions up to date using automatic updating.
- Mobile code
- Use malware protection software to automatically control mobile code (e.g. javascript, Word macros).
| Code | Section | Title |
|---|---|---|
| ISO | A.12.2.1 | Controls against malware |
| NIST | SC-18 | Mobile Code |
| SOC2 | CC6.8 | The entity implements controls to prevent or detect and act upon the introduction of unauthorized or malicious software to meet the entity’s objectives. |
When malware is detected
- Quarantined the affected workstation.
- Correct the infection using anti-malware software.
- Report and document the incident.
Enforcement
- Responsible party: All managers and supervisors
- sanctions: standard
References
| Code | Section | Title |
|---|---|---|
| ISO | A.12.2 | Protection from malware |
| HIPAA | 164.308(a)(5)(ii)(B) | Protection from malicious software (Addressable) |
| CHI | SR28 | Protecting Against Malware |