Longwood University
   Chief Information, Technology, and Facilities Officer:     
Information and Instructional Technology Services 
  201 High Street, Coyner 107, Farmville, VA  23909
   Phone: 434.395.2034         Fax: 434.395.2035

 Policy 6128
 MALWARE PROTECTION

I.    PURPOSE

The purpose of this policy is to protect Longwood University information technology resources and systems from the introduction of malware.

II.    DEFINITION

Malware: According to Microsoft, "`Malware` is short for malicious software and is typically used as a catch-all term to refer to any software designed to cause damage to a single computer, server or computer network." Viruses, worms, trojans, rootkits, bots, spyware, keystroke loggers and phishing software are all various forms of malware.

III.    POLICY

All users of Longwood University information technology resources and systems must operate in a way that protects against malware.

A. Installation of malware protection software:

All University owned computing devices, whether connected to the Longwood University network or standalone, must use Information and Instructional Technology Services approved malware protection software and configuration.  All non-University owned computing devices connected to the University network must utilize malware protection software.

B. Proper use of malware protection software:

Following installation, malware protection software installed on University-owned computers must not be disabled, bypassed or altered in a manner that will reduce the effectiveness of the software.  All non-University-owned computing devices while connected to the University network must maintain effective malware protection software.

C. Prevention of malware:

Users should not intentionally spread, develop or experiment with malware on the University's network.  Intentional spreading of malware includes spreading malicious programs through failure to run malware protection software, undertake proper use of operating systems or software updates or demonstrate due care in opening e-mail attachments.

Because software programs may contain vulnerabilities, approval of the Information Security Officer (ISO) or his or her designee is required to install software on University-owned computing devices.  Software programs used only for academic instruction and research purposes do not require the approval of the ISO.

IV. ENFORCEMENT

The University regards any violation of this policy as a serious offense.  Violators of this policy are subject to disciplinary action as prescribed in the Longwood Honor Code, the Student Handbook, the Faculty Policies and Procedures Manual and the Administrative Policies and Procedures Manual, in addition to possible enforcement sanctions.

Approved by the Board of Visitors, April 1, 2005.

Approved by the Board of Visitors, December 7, 2007.

Back to the Table of Contents                                                                    Next Policy