| Introduction - SharePoint Virus Policy Template |
The number of SharePoint security incidents and the resulting cost of
business disruption and service restoration continue to escalate. Implementing
solid SharePoint security policies, blocking unnecessary access to networks and
computers, improving user security awareness, and early detection and mitigation
of security incidents are some of the actions that can be taken to reduce the
risk and drive down the cost of SharePoint security incidents. |
| Purpose |
The purpose of the [SharePoint Portal Owning Organization] SharePoint Virus Policy is to describe the requirements for dealing with
computer virus, worm and Trojan Horse prevention, detection and cleanup. |
| Audience |
The [SharePoint Portal Owning Organization] SharePoint Virus Policy
applies equally to all individuals who use any [SharePoint Portal Owning
Organization] SharePoint resource. |
| SharePoint Virus Policy Definitions |
- Virus: A program that attaches itself to an executable file or
vulnerable application and delivers a payload that ranges from annoying to
extremely destructive. A file virus executes when an infected file is
accessed. A macro virus infects the executable code embedded in Microsoft
Office programs that allows users to generate macros.
- Trojan Horse: Destructive programs, usually viruses or worms, that
are hidden in an attractive or innocent-looking piece of software, such as a
game or graphics program. Victims may receive a Trojan horse program by
e-mail or on a diskette, often from another unknowing victim, or may be
urged to download a file from a Web site or bulletin board.
- Worm: A program that makes copies of itself elsewhere in a
computing system. These copies may be created on the same computer or may be
sent over networks to other computers. The first use of the term described a
program that copied itself benignly around a network, using otherwise-unused
resources on networked machines to perform distributed computation. Some
worms are security threats, using networks to spread themselves against the
wishes of the system owners and disrupting networks by overloading them. A
worm is similar to a virus in that it makes copies of itself, but different
in that it need not attach to particular files or sectors at all.
|
| SharePoint Virus Policy |
- All workstations, whether connected to the [SharePoint Portal Owning
Organization] SharePoint network, or standalone, must use the [SharePoint
Portal Owning Organization] approved virus protection software and
configuration.
- The virus protection software must not be disabled or bypassed.
- The settings for the virus protection software must not be altered in a
manner that will reduce the effectiveness of the software.
- The automatic update frequency of the virus protection software must not
be altered to reduce the frequency of updates.
- Each file server attached to the [SharePoint Portal Owning Organization]
network must utilize [SharePoint Portal Owning Organization] approved virus
protection software and setup to detect and clean viruses that may infect
file shares. It must be appropriately audited to ensure that viruses have no
means to channel into SharePoint.
- Each Exchange gateway must utilize [SharePoint Portal Owning
Organization] approved e-mail virus protection software and must adhere to
the IS rules for the setup and use of this software.
- Every virus that is not automatically cleaned by the virus protection
software constitutes a security incident and must be reported to the [SharePoint
Portal Owning Organization] Help Desk.
|
| SharePoint Portal Password Policy Supporting Information |
- Any and all [SharePoint Portal Owning Organization] SharePoint security
controls must not be bypassed or disabled.
- All [SharePoint Portal Owning Organization] SharePoint users are responsible
for managing their use of SharePoint and are accountable for their actions
relating to SharePoint security. Users are also equally responsible for
reporting any suspected or confirmed violations of this policy to the
appropriate management responsible for SharePoint security incident handling.
- The use of SharePoint must be for officially authorized business purposes
only. There is no guarantee of personal privacy or access to tools such as, but
not limited to, SharePoint areas, WSS team sites, any and all collaboration and
communication functionality, and any sister server integrations (i.e. integrated
Microsoft Exchange environments). The use of SharePoint and SharePoint-related
tools may be monitored to fulfill complaint or investigation requirements,
including forensic analysis into IDS or other security systems. Departments
responsible for custody and operations of the SharePoint servers (custodian
departments) shall be responsible for proper authorization of SharePoint server
utilization, the establishment of effective use, and reporting of performance to
management.
- Any data housed within SharePoint must be kept confidential and secure by
the respective [SharePoint Portal Owning Organization] SharePoint user. The fact
that the business data may be stored electronically (i.e. document library or
SharePoint list) does not change the requirement to keep the information
confidential and secure. The type of information or the information itself is
the basis for determining whether the data must be kept confidential and secure.
Furthermore, if this data is stored in a paper or electronic format, or if the
data is copied, printed, or electronically transmitted the data must still be
protected as confidential and secured.
- [SharePoint Portal Owning Organization] server custodian departments must
provide adequate access controls in order to monitor SharePoint systems to
protect business data and associated programs from misuse in accordance with the
needs defined by owner departments. All SharePoint access must be properly
documented, authorized and controlled, following [SharePoint Portal Owning
Organization] standardized processes.
- All commercial SharePoint software used in [SharePoint Portal Owning
Organization]’s SharePoint environment (i.e. Web Parts) must be supported by a
software license agreement that specifically describes the usage rights and
restrictions of the product. SharePoint users must abide by all license
agreements and must not illegally copy licensed software. [SharePoint Portal
Owning Organization] reserves the right to remove any unlicensed software from
the SharePoint environment.
- [SharePoint Portal Owning Organization] reserves the right to remove any
non-business related SharePoint software or files from the SharePoint
environment.
|
| Disciplinary Actions |
Violation of this policy may result in disciplinary action which may
include termination for employees and temporaries; a termination of
employment relations in the case of contractors or consultants;
dismissal for interns and volunteers; or suspension or expulsion in the
case of a student. Additionally, individuals are subject to loss of [SharePoint
Portal Owning Organization] SharePoint access privileges and to civil and
criminal prosecution. |
| Compliance / Regulation Contributed to by this Policy |
- Copyright Act of 1976
- Foreign Corrupt Practices Act of 1977
- Computer Fraud and Abuse Act of 1986
- Computer Security Act of 1987
- The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
|