Section: Information Technology
Policy Number: 915
Responsible Office: Information Technology
Effective Date: 5/1/19
Revised: 5/1/19; 6/11/20; 5/23/22
The purpose of this policy is to provide information to St. John’s University’s (St. John’s) Office of Information Technology (IT) and the entire University community to improve the resistance to, detection of, and recovery from the effects of malicious code.
Malicious code describes software designed to exploit, infiltrate, or damage a computer system without the informed consent of the computer user. It includes, but is not limited to, computer viruses, worms, Trojan horses, rootkits, spyware, and adware. Malicious code is typically distributed over the internet by email or via web pages.
This policy applies to the University community. Adherence to this policy helps safeguard the confidentiality, integrity, and availability of St. John’s information assets, and protects the interest of St. John’s, its customers, personnel, and business partners.
To prevent information loss due to infection by, and spread of, malicious code, and to ensure continued uninterrupted services for St. John’s computers and networks, the University utilizes a viable endpoint control solution.
Any device or system that may be affected by computer virus, malware, phishing, mobile code, or email spam that connects to the St. John’s network has the standard endpoint protection solution installed and running at all times, as configured or approved by IT.
Endpoint protection is configured to automatically clean and remove an infected file or to quarantine the infected file if automatic cleaning is not possible. The software is configured to update automatically on a regular basis.
Employees are prohibited from disabling or tampering with the installed software unless authorized to do so by the Office of IT. Should there be an incident in which malicious code is detected, or it is suspected that a device has been compromised, access to St. John’s resources will be removed and St. John’s will follow protective measures in accordance with the 919 – Information and Cyber Security Risk Incident and Response Policy/Standards for proper guidance in order to ensure appropriate incident response.
The following are definitions relevant to the policy:
St. John’s reserves the right to audit networks and systems on a periodic basis to ensure compliance with this policy. Instances of noncompliance must be presented to be reviewed and approved by the Chief Information Officer (CIO), the Director of Information Security, or the equivalent officer(s).
All breaches of information security, actual or suspected, must be reported to and investigated by the CIO and the Director of Information Security.
Those who violate security policies, standards, or security procedures are subject to disciplinary action up to and including loss of computer access and appropriate disciplinary actions as determined by St. John’s.