Virus Protection Policy  

Virus Protection Policy
How viruses can infect St. George's University's network
How St. George's University's IT department prevents and/or minimizes virus infections
How to respond to and report a virus
Notify the help desk of suspicious files

Virus Protection Policy

It is the responsibility of everyone who uses St. George's University's computer network to take reasonable measures to protect it from virus infections.

This policy outlines how various viruses can infect St. George's University's network, how St. George's University's Information Technology (IT) Office tries to prevent and/or minimize infections, and how St. George's University's network users should respond to a virus if they suspect one has infected St. George's University's network.


Top


How viruses can infect St. George's University's network

There are three types of computer viruses: true viruses, Trojan horses, and worms. True viruses actually hide themselves, often as macros, within other files, such as spreadsheets or Word documents. When an infected file is opened from a computer connected to St. George's University's network, the virus can spread throughout the network and may do damage. A Trojan horse is a program file that, once executed, doesn't spread but can damage the computer on which the file was run. A worm is also a program file that, when executed, can both spread throughout a network and do damage to the computer from which it was run.

Viruses can enter St. George's University's network in a variety of ways:

  • E-mail — By far, most viruses are sent as e-mail attachments. These attachments could be working documents or spreadsheets, or they could be merely viruses disguised as pictures, jokes, etc. These attachments may have been knowingly sent by someone wanting to infect St. George's University's network or by someone who does not know the attachment contains a virus. However, once some viruses are opened, they automatically e-mail themselves, and the sender may not know his or her computer has been infected.
  • Disk, CD, Zip disk, or other media — Viruses can also spread via various types of storage media. As with e-mail attachments, the virus could hide within a legitimate document or spreadsheet or simply be disguised as another type of file.
  • Software downloaded from the Internet — Downloading software via the Internet can also be a source of infection. As with other types of transmissions, the virus could hide within a legitimate document, spreadsheet, or other type of file.
  • Instant messaging attachments — Although less common than e-mail attachments, more viruses are taking advantage of instant messaging software. These attachments work the same as e-mail viruses, but they are transmitted via instant messaging software.

Top


How St. George's University's IT Office prevents and/or minimizes virus infections

St. George's University's IT Office fights viruses in several ways:

  • Scanning Internet traffic — All Internet traffic coming to and going from our network must pass through company servers and other network devices. Only specific types of network traffic are allowed beyond the organization's exterior firewalls.

    For example, an e-mail message that originates outside of the network must pass through the Norton Anti-Virus program before it is allowed to enter the e-mail server. This device routes suspicious e-mail and attachments to an isolated storage device, defeating the purpose of a virus.
  • Running server and workstation antivirus software—All vulnerable servers run Norton's Anti-Virus program. This software scans our file-sharing data stores, looking for suspicious code.

    Norton's Anti-Virus program is also installed on all university-owned desktop and notebook computers. This software scans all data written to or read from a computer's hard drive. If it finds something suspicious, it isolates the dubious file on the computer and automatically notifies the help desk.
  • Routinely updating virus definitions—Every morning, the firewall and server virus scanning programs check the Norton Anti-Virus control center for updated virus definitions. These definition files allow the software to detect new viruses. If a new virus definition file is available, the virus scanning software is automatically updated, and then the system administrator is informed. When end users turn on their computers at the beginning of the workday, the workstation virus protection program checks with a St. George's University server on the network for updates. The workstation program will then download and install the update automatically, if one exists.
  • All users of the Firefly network are required to run a program that determines whether their computers have a current anti-virus program running along with the most recent anti-virus signature files and Windows updates/patches.

Top


How to respond to and report a virus

Even though all Internet traffic is scanned for viruses and all files on SGU’s servers are scanned, the possibility still exists that a new or well-hidden virus could find its way to an employee's computer, and if not properly handled, it could infect St. George's University's network.

The IT staff will attempt to notify all users of credible virus threats via e-mail or telephone messages. Because this notification will automatically go to everyone in the organization, employees should not forward virus warning messages. On occasion, well-meaning people will distribute virus warnings that are actually virus hoaxes. These warnings are typically harmless; however, forwarding such messages unnecessarily increases network traffic.

As stated, it is the responsibility of all St. George's University network users to take reasonable steps to prevent virus outbreaks. Use the guidelines below to do your part:

  • Do not open unexpected e-mail attachments, even from co-workers.
  • Never open an e-mail or instant messaging attachment from an unknown or suspicious source.
  • Never download freeware or shareware from the Internet without express permission of the IT Office.
  • If a file you receive contains macros that you are unsure about, disable the macros.

Top

Notify the help desk of suspicious files

If you receive a suspicious file or e-mail attachment, do not open it. Send a SHOR ticket to the Helpdesk at St. George's University providing details regarding the virus. A support analyst will explain how to handle the file.


If the potentially infected file is on a disk that you have inserted into your computer, the antivirus software on your machine will ask you if you wish to scan the disk, format the disk, or eject the disk. Eject the disk, and contact the help desk via e-mail. A support analyst will instruct you on how to handle the disk.

After the support analyst has neutralized the file, send a note to the person who sent or gave you the file notifying them that it included a virus. (If the file was sent via e-mail, the antivirus software running on our e-mail system will automatically send an e-mail message informing the sender of the virus it detected.)

If the file is an infected spreadsheet or document that is of critical importance to St. George's University, the IT Office will attempt to scan and clean the file. The IT Office, however, makes no guarantees as to whether an infected file can be totally cleaned and will not allow an infected file to be used on St. George's University computers.

 

Top