Anti-Virus/Malware Policy
Purpose
The purpose of this Anti-Virus/Malware Policy is to establish guidelines and procedures for protecting the computer systems, network infrastructure, and sensitive data of Alloc8tor Ltd ("Alloc8tor") from viruses, malware, and other security threats. This policy outlines the responsibilities of all employees and users in preventing, detecting, and responding to potential security risks.
Policy Statement
2.1. Use of Authorised Software: All employees and users must only install and use authorised software applications approved by Alloc8tor's IT department. Unauthorised software, including pirated or unlicensed software, is strictly prohibited, as it may introduce security vulnerabilities and increase the risk of malware infections.
2.2. Regular Software Updates: All computers, servers, and devices connected to Alloc8tor's network must have up-to-date operating systems and software. Employees and users are responsible for promptly installing software updates, patches, and security fixes provided by the software vendors to address known vulnerabilities.
2.3. Email and Web Security: Employees and users must exercise caution when opening email attachments or clicking on links from unknown or suspicious sources. Alloc8tor will implement email filtering and web security measures to reduce the risk of phishing attacks, malicious downloads, and harmful website visits.
2.4. Removable Media: The use of external devices, such as USB drives or external hard drives, must be limited to authorised and trusted devices. Before connecting any external media to Alloc8tor's systems, employees and users must scan them with the company's approved anti-virus/malware software.
2.5. Reporting Security Incidents: Employees and users must promptly report any suspected security incidents, virus/malware infections, or unusual system behaviors to the IT department. Reporting incidents in a timely manner enables swift response and containment to prevent further damage or data breaches.
2.6. Employee Training and Awareness: Alloc8tor will provide regular training and awareness programs to educate employees and users about safe computing practices, identifying potential security threats, and adhering to this policy. Training sessions may cover topics such as recognising phishing emails, avoiding suspicious websites, and secure downloading practices.
2.7. Remote Working: Employees working remotely must adhere to the same anti-virus/malware policy as when working on-site. They must utilise VPN connections provided by Alloc8tor and maintain up-to-date anti-virus/malware software on their personal devices used for work purposes.
Enforcement and Consequences
Failure to comply with this Anti-Virus/Malware Policy may result in disciplinary action, up to and including termination of employment or other appropriate consequences. Violations of this policy may also lead to legal action if they result in data breaches, unauthorised access, or damage to Alloc8tor's computer systems or network infrastructure.
Policy Review
This policy will be reviewed periodically by Alloc8tor's IT department to ensure its effectiveness and compliance with evolving security threats and industry best practices. Any updates or revisions to this policy will be communicated to all employees and users.
By adhering to this Anti-Virus/Malware Policy, Alloc8tor aims to maintain a secure computing environment and protect its systems and data from potential threats.
This policy was last updated on 19th May 2023