Longwood University
   Chief Information Officer:     
Information and Instructional Technology Services 
  201 High Street, Coyner 107, Farmville, VA  23909
   Phone: 434.395.2034         Fax: 434.395.2035

 Policy 6128
 MALWARE PROTECTION

I.    PURPOSE  

The purpose of this policy is to protect Longwood University information technology resources and systems from the introduction of malware.  

II.    DEFINITION

 Malware: Malware, short for malicious software, is any software designed to damage, disrupt, harm or compromise any computer, server or network on which it is installed. Viruses, worms, trojans, rootkits, bots, spyware, keystroke loggers and phishing software are all various forms of malware.

 III.    POLICY

 All users of Longwood University information technology resources and systems must operate in a way that protects against malware.  


A.                   Installation of malware protection software:

 

All University owned computing devices, whether connected to the Longwood University network or standalone, must use Information and Instructional Technology Services approved malware protection software and configuration. All non-University owned computing devices connected to the University network must utilize malware protection software.

 

B.                    Proper use of malware protection software:

 

Following installation, malware protection software installed on University-owned computers must not be disabled, bypassed or altered in a manner that will reduce the effectiveness of the software. All non-University-owned computing devices while connected to the University network must maintain effective malware protection software.

 

C.                    Prevention of malware:

 

Users should not intentionally spread, develop or experiment with malware on the University's network. Intentional spreading of malware includes spreading malicious programs through failure to run malware protection software, undertake proper use of operating systems or software updates or demonstrate due care in opening e-mail attachments.

 

Because software programs may contain vulnerabilities, approval of the Information Security Officer (ISO) or his or her designee is required to install software on University-owned computing devices.

 

D.                   Exceptions and Exemptions:

 

Exceptions to or exemptions from any provision of this policy must be approved in writing by the Chief Information Officer (CIO) or his or her designee.  

IV. ENFORCEMENT

 The University regards any violation of this policy as a serious offense. Violators of this policy are subject to disciplinary action, in addition to possible cancellation of IT resources and systems access privileges. Users of IT resources and systems at Longwood are subject to all applicable local, state and federal statutes. This policy does not preclude prosecution of criminal and civil cases under relevant local, state, federal and international laws and regulations.

 Enforcement Sanction Procedures

Approved by the Board of Visitors, April 1, 2005.
Approved by the Board of Visitors, December 7, 2007.
Revised and approved by the Board of Visitors, March 27, 2009.

Back to the Table of Contents                                                                    Next Policy