This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
wiki:policies:end_user_device [2023/02/04 19:25] kevinkallmes [IV. Anti-Malware Policy] |
wiki:policies:end_user_device [2024/08/11 18:38] (current) katcow |
||
---|---|---|---|
Line 27: | Line 27: | ||
* Employees are discouraged from storing client materials on their local machines; instead, files that are not in the production environment should be stored in an encrypted cloud folder. | * Employees are discouraged from storing client materials on their local machines; instead, files that are not in the production environment should be stored in an encrypted cloud folder. | ||
- | ===== IV. Anti-Malware Policy ===== | + | ==== Software Review |
- | We require | + | Nested Knowledge |
+ | |||
+ | ===== IV. Anti-Malware Policy ===== | ||
- | Antivirus software installs must be updated (either by updating ruleset or fresh reinstalling) whenever scans are performed. | + | We require Nested Knowledge employees to run antivirus software on the company-issued computers. Software includes macOS built-in [[https:// |
=== Schedule === | === Schedule === | ||
- | The schedule for scanning is subject to change, but it will not fall below the minimum of twice annually. | + | The schedule for scanning is subject to change, but it will not fall below the minimum of twice annually. |
=== Reporting === | === Reporting === | ||
Line 45: | Line 47: | ||
- The offending applications and files will be uninstalled or removed until the report returns zero results. | - The offending applications and files will be uninstalled or removed until the report returns zero results. | ||
- The incident response team will analyze the malware attack surface and inventory the information that was available on the infected device since last scan. | - The incident response team will analyze the malware attack surface and inventory the information that was available on the infected device since last scan. | ||
- | - Based on the information available on the infected device, the appropriate Incident Response and Data Protection procedures will be enacted. Information about the threat will be escalated to clients/ | + | - Based on the information available on the infected device, the appropriate Incident Response and Data Protection procedures will be enacted. Information about the threat will be escalated to clients/ |
===== Enforcement ===== | ===== Enforcement ===== | ||
Line 54: | Line 56: | ||
^Author^Date of Revision/ | ^Author^Date of Revision/ | ||
- | |K. Cowie|12/15/2021|Draft Completed| | + | |K. Cowie|01/25/2024|Added application review| |
|K. Holub|12/ | |K. Holub|12/ | ||
|K. Kallmes|12/ | |K. Kallmes|12/ |