• Campuses
  • Abilene
  • Amarillo
  • Dallas
  • El Paso
  • Lubbock
  • Permian Basin
• Info For
  • Careers at HSC
  • Prospective Students
  • Current Students
  • Residents
  • Faculty & Staff
  • Alumni & Friends
  • Patients & Healthcare
  • Visitors & Community
  • Giving to TTUHSC
• Schools
  • Allied Health Sciences
  • Biomedical Sciences
  • Medicine
    • HSC School of Medicine
    • Foster School of Medicine
  • Nursing
  • Hunt School of Nursing
  • Pharmacy
• Contact Info
  • HSC Directory
  • HSC Contacts
  • IT Contacts
• Site Maps
  • HSC Site Map
  • IT Site Map

Quick Search

IT Resources

• Information Technology
• Quick Links
  • Available Services
  • IT Solution Center
  • TechLink
  • IT Policies
  • SolveIT
  • Work Orders (STARS)
  • LCMS

IT Policies

• Policies
• TTUS Board Of Regents Policies And Procedures
• Security
  • I.T. Resource Management And Responsibilities
  • Managing Physical Security
  • Disaster Recovery
  • Security Safeguards
    • Acceptable Use
    • Account Management And User Responsibilities
    • Administrator/Special Access
    • Backup/Recovery
    • Change Management
    • Email
    • Incident Management
    • Internet And Intranet Connectivity
    • Intrusion Detection
    • Network Access
    • Network Configuration
    • Password/Authentication
    • Asset Management
    • Portable Computing
    • Privacy
    • Monitoring Of I.T. Assets
    • Security Awareness And Training
    • Server Hardening
    • Authorized Software
    • Application System Development, Acquisition, And Lifecycle
    • Vendor Access
    • Viruses And Other Malicious Code
    • Wireless Access
    • Vulnerability Assessment
• Institutional Videoconferencing Systems
• Institutional Computer Naming Convention Standards
• Hardware And Software Standards
• Technology Replacement Schedule
• I.T. Procurement Review
• Intellectual Property Rights
• Copyright
  • Copyright And Computer Software
  • Infringement Of Copyrights On Computing Software
• Web Standards
  • Student Web Publishing Standards
  • TTUHSC Web Publishing Standards
  • Web Site Visual Elements Standards
  • Change Management Procedures For Official TTUHSC Web Pages/Sites
  • Information Services Coding Standards, Security, And Audit Controls
  • E-Commerce Applications
  • Web Use And Copyright Standards
  • State Of Texas Web Publishing Standards
• Disciplinary Process
• Definitions
• Guidelines For Operating Systems Security
• Federal and State Statutes
• Notice of Disclaimer of Liability

HSC Resources

• HSC Home
• Welcome to the HSC
  • Welcome to the HSC
  • TTUHSC Strategic Plan
  • The Daily Dose
  • Fact Books
• Office of the President
• Campuses
  • Abilene
  • Amarillo
  • Dallas
  • El Paso
  • Lubbock
  • Permian Basin
• Schools
  • Allied Health Sciences
  • Biomedical Sciences
  • Medicine
    • HSC School of Medicine
    • Foster School of Medicine
  • Nursing
    • HSC School of Nursing
    • Hunt School of Nursing
  • Pharmacy
• Centers & Institutes
• Research
• Administration
  • President's Office
  • Administrative Officers
  • Communications
  • Departments
  • Office of International Affairs
  • Rural & Community Health
  • Finance & Administration
  • Information Technology
  • Policies, Manuals and State Reporting
  • Institutional Compliance
• Human Resources
  • Prospective Employees
  • New Employees
  • Current Employees
  • HR Offices
  • Job Opportunities
  • More »
• Libraries
• Accreditation
  • Office of Institutional Planning and Assessment
  • Quality Enhancement Plan
  • More »
• The Daily Dose
• Emergency Preparedness
• Compliance Hotline

TTUHSC IT Policies

1.4.22   VIRUSES AND OTHER MALICIOUS CODE

The purpose of this policy is:

• To establish procedures that define the responsibilities for reducing the threat of computer viruses to TTUHSC computers and networks
• To establish responsibility for overseeing computer virus prevention activities within TTUHSC, and to establish a reporting mechanism to ensure all appropriate personnel are contacted in case of a computer virus incident
• To promote awareness of the threat posed by computer viruses to TTUHSC students, faculty, staff, and to ensure that virus protection software and procedures are properly implemented and utilized on a regular basis

Due to the collaborative nature and sensitivity of the work performed at TTUHSC, all Institutional computers must have the institutionally provided antivirus software installed.  Users’ continued access to the TTUHSC network is contingent on the installation of institutionally provided antivirus software on all TTUHSC-owned computers. This virus protection software must not be disabled, bypassed, or modified in any way.

Specific Restrictions

TTUHSC expressly prohibits:

• Development of any form of computer virus with the intent to distribute through the TTUHSC network or beyond
• Intentional distribution of a virus, regardless of type (nuisance or destructive)
• Intentional creation of false alarms using hoax virus messages

Specific Responsibilities and Guidelines for Virus Prevention

Students, Faculty, and Staff should:

• Understand the risks associated with viruses and preventative measures that can be reasonably deployed.
• Be aware of and follow the procedures outlined in TTUHSC I.T. announcements (web page or email), which will be used to communicate warnings of potential computer virus threats.
• Treat nuisance viruses with the same urgency as destructive viruses.  Write down the name of the virus, if provided by the virus detection software.
• Write down any recent unusual computer activities (for instance, unexpected disk access, error messages, or screen displays) and, if possible, include when these activities were first noticed.
• Contact the Information Technology Solutions Center when a computer virus is suspected and/or detected.
• Never boot directly from external devices or media until they have been scanned for viruses.  By default, the Institutional antivirus program is configured to automatically scan all devices upon use.  (This is completely done in the background without any visible disruption to the user.)
• Ensure files received from external sources are clean of viruses prior to use or distribution and never use or introduce non-licensed software on any TTUHSC computing device.
• Back up critical data (e.g., student/patient/employee information, data related to Institutional operations, vital mission data, etc.) to a floppy disk or to a drive on the server (see your Department Administrator or Departmental I.T. Representative for access restrictions) at least once a week (or more often for more critical data.)

Computer Security Analyst (CSA) is responsible for:

• Isolating the infected computer(s) from the TTUHSC network as soon as possible.  Reasonable attempts should be made to notify the primary user or the system administrator before disconnecting from the network.  Depending on the nature of the virus, this may not be possible and the I.T. Solutions Center should be contacted prior to disconnecting a computer from the network.  The Solutions Center will coordinate the ITS and networking to minimize any potential risks.
• Identifying and isolating the suspected virus or worm-related file and processes.  Do not power off or reboot computers that may be infected.  There are some viruses that will destroy disk data if the computer is power-cycled or rebooted.  Also, rebooting a computer could destroy needed information or evidence.
• Attempt to halt and/or remove all suspicious processes from the computer.  In the case of a worm attack, it may be necessary to keep the computer(s) isolated from the network until all TTUHSC computers have been inoculated and/or the other Internet sites have been cleaned and inoculated.
• Implement fixes and/or patches to inoculate the computer(s) against further attack.
• Notify the ITS prior to bringing the computers back into full operation mode.  The users should also be notified the computers are returning to a fully operational state.

Information Technology Security (ITS)’s responsibilities include:

• Overseeing computer virus protection activities within TTUHSC which include the desktops and servers, Internet mail gateway, and Exchange Servers.  This is done in coordination with the CSAs.
• Staying current with the latest virus exploits and maintaining attachment filtering lists through the mail servers.
• Evaluating, recommending, and maintaining virus protection software and/or tools for use on TTUHSC PCs, servers, and laptops.
• Coordinating any training on virus control required for CSAs and TTUHSC personnel in general.
• Investigating every report of an apparent computer virus infection, and making every reasonable effort to determine the source of the infection.  The Information Security Officer will keep all affected personnel advised of the investigation.
• Monitoring compliance of virus protection policies.

The CSA and ITS are jointly responsible for:

• Verifying the existence and identifying the type of virus on the user system.
• Coordinating with the anti-virus vendor or other sources on disinfection methods.
• Documenting any recent unusual computer activities (for instance, unexpected disk access, error messages, or screen displays) and, if possible, including when these activities were first noticed.
• Ensuring that the appropriate data for the monthly Department of Information Resources virus report is received by the Information Security Officer no later than the second business day of each month.

Information Technology PC Support/System Support (all campuses) should take the following steps:

• Ensure that virus protection software is installed on every desktop, server, and laptop computer acquired by TTUHSC before they are made available for use by TTUHSC students, staff, or faculty,
• Ensure that the virus protection software has loaded a ‘terminate and stay resident’ (TSR) program or service/daemon to constantly monitor for viruses to prevent introduction to the network,
• Inform the ITS/CSA of new anti-virus installs.  This procedure is to make sure the desktop, server, or laptop can communicate with the anti-virus management server to receive updates,
• Upon receipt of a notice of a possible virus, clarify the symptoms with the user,
• Verify if there is a virus and if so, report the incident to the ITS/CSA, and
• In the event the virus cannot be removed from the infected computer, the ITS/CSA will contact PC Support or System Support to rebuild the computer.

Download Free Adobe Reader

Adobe Acrobat Reader is required to view items marked with this icon:
Please click on the left image to download the free version.

Texas Tech University Health Sciences Center, 3601 4th Street, Lubbock, TX 79430
T: 806.743.1000
it.webmaster@ttuhsc.edu

Online Institutional Resumes

Campus Webmasters | Recommended Web Site Viewing Requirements | General Policy Information

State of Texas Web Site | Texas Homeland Security | Texas Veterans Portal | SAO Fraud Reporting
DMCA Compliance | Compliance Hotline TTUHSC Energy Conservation Report

TTUHSC Home | Texas Tech University System | Texas Tech University | Angelo State University

©2013 Texas Tech University Health Sciences Center | All Rights Reserved