TO: All Members of the University Community 99:07
DATE: May 1999
COMPUTER VIRUS POLICY
The purpose of this policy statement is to identify the possible points of entry by a virus and to determine the appropriate defense. The University must be prepared to deal with this threat at all levels of computing activity. Areas to be considered are the Enterprise Server, and all personal computers.
The University's IBM Enterprise Server is well protected from unauthorized access. Access to the MVS System is RACF protected. RACF provides:
Personal computers are particularly vulnerable to attack due to the variety of software and external network interfaces available. In order to reduce the risk of introducing viruses to Ferris State University computers, all new software must be checked before it is loaded to a machine. Ferris State University has purchased several copies of anti-viral vaccine software for this purpose. The LAN Administrator will perform the software check, or direct the requester to the most convenient location that vaccine software is available.
In order to prevent viruses from being introduced from external network sources (i.e., public bulletin boards), downloading software to unprotected Ferris State University machines is prohibited. It is the responsibility of the Computer Consortium Resource Managers (CCRM) to provide virus protection to PC's and servers in their consortia. Contact your LAN Administrator for assistance before proceeding. A notice warning Ferris State University students and staff about the risk of computer viruses will be published quarterly.
Student computer labs are another potential virus source of entry to Ferris State University equipment. The CCRM's are responsible for developing and implementing virus protection measures appropriate for each lab. At a minimum, the following procedures will be implemented wherever applicable: