Federal Electricity & Water Authority (FEWA) -

Ajman
Information Security Management System

Antivirus Policy
Version 1.8

Approved by:
Abdulltatif Galadari <date of approval>
Information Technology Director
Document review and approval
Revision history
Version Author Date Revision
1.0 Neha Vyas 30th May 2014 Document Created
1.1 Somaya AlWejdani 23rd June 2014 Review and Update
1.2 Huda AlHamdi 17th July 2014 Reviewed
1.3 Somaya AlWejdani 21st July 2014 Review and Update
Abhinav
23rd Nov 2014 Reviewed
1.4 Srinivasaraghavan
Abhinav
14th May 2015 Revised
1.5 Srinivasaraghavan
1.6 Abdul Rahman Shiekh 17th April 2016 Review and Update
1.7 Manal Saleh 17th April 2016 Final
1.8 Huda Ali 7th Aug 2016 Added the responsibility of users

This document has been approved by

Version Name Signature Date reviewed
1.3 4/8/2014
Abdulltatif Galadari
1.7 16th-June-2016
Abdulltatif Galadari
1.8 Abdulltatif Galadari 11th- August-2016

FEWA Internal
Page 2 of 8 Version 1.8
Contents
1 PURPOSE ...................................................................................................................................... 4
2 SCOPE ........................................................................................................................................... 4
3 DEFINITIONS & ABBREVIATIONS ................................................................................................... 4
4 ROLES AND RESPONSIBILITIES ...................................................................................................... 4
5 ANTIVIRUS POLICY ........................................................................................................................ 4
5.1 GENERAL ........................................................................................................................................... 4
5.2 OPERATING SYSTEM MALWARE PROTECTION ........................................................................................... 6
5.3 SERVER ANTIVIRUS .............................................................................................................................. 6
5.4 MAIL GATEWAY ANTISPAM................................................................................................................... 6
5.5 INCIDENT HANDLING AND COMMUNICATION ............................................................................................ 6
6 END USER ..................................................................................................................................... 7
6.1 USER BEHAVIOUR ............................................................................................................................... 7
6.2 INCIDENT HANDLING AND COMMUNICATION ............................................................................................ 7
7 COMPLIANCE ................................................................................................................................ 7
8 RELATED DOCUMENTS .................................................................................................................. 7

FEWA Internal
Page 3 of 8 Version 1.8
Purpose
The purpose of this policy is to protect the organizations information systems against
malicious software such as viruses, worms, spyware, etc.

Scope
This policy applies to all FEWA employees, contractors, consultants and temporary staff
hereafter referred to as users.

Definitions & Abbreviations

Term Definition
ISMS Information Security Management System
CISO Chief Information Security Officer
Malware is software designed to infiltrate or damage a
computer system without the owner's informed
consent. The expression is a general term used by
Malware
computer professionals to mean a variety of forms of
hostile, intrusive, or annoying software or program
code.

Roles and Responsibilities

Role Responsibilities
Ensure the complete implementation and enforcement of this
CISO
policy on the users
All users are responsible to read, understand and adhere to
User/FEWA this policy in their day to day activities.
Employee

1. Antivirus Policy

1.1 General
1.1.1. Anti virus software should be installed and enabled on all desktops, servers and

other hand held devices to prevent, detect and protect against any malicious
software. FEWA has currently approve Symantec for protecting all the windows
compute environment.

1.1.2. In case of systems where virus scanners cannot be installed, it is necessary for

the IT department to document the reason and/or develop a strategy to mitigate

the risk.

FEWA Internal
Page 4 of 8 Version 1.8
1.1.3. Virus scanners and/or detection programs must be started as part of the start-

up process on all information systems and must remain resident throughout the
computing session.

1.1.4. Staff found tampering with the configuration, settings, etc., on their individual

PCs or otherwise, in a manner not authorised by the designated Anti-Virus

specialist, will be deemed to be in breach of this policy and may be liable to
disciplinary action.

1.1.5. Virus definitions of Anti-Virus software on all devices should be updated

automatically on a frequent basis either through the centralized Anti-Virus

management server or through internet.

1.1.6. Anti-Virus technology should also be implemented at the perimeter of the

network, on central servers such as email servers. The objective is to prevent

viruses, Trojans, worms, etc. from entering its corporate network.

1.1.7. External storage media such as thumb drives, external hard disks, CDs, etc.

should be scanned for virus before use.

1.1.8. A Centralized Anti-Virus server shall be deployed to check all the incoming and

outgoing SMTP traffic through Internet.

1.1.9. Anti-Virus & Malware activities shall be centrally managed. Central monitoring

and logging console shall be deployed, to monitor the status of pattern updates
on all the computers and to log the activities performed on them.

1.1.10. All computers shall be configured to generate an alert at the central Anti-Virus &

Malware console.

1.1.11. Only authorized software approved by IT Division should be installed and used

on the servers, workstations and other computing devices such as the blackberry.

1.1.12. Users should not execute any executable file received in email.

FEWA Internal
Page 5 of 8 Version 1.8
1.2 Operating System Malware Protection

1.2.1. Suitable malware protection software shall be deployed and operating on all
client workstations, laptops and servers.
1.2.2. Malware protection software shall perform real-time scanning protection, which
is able to check any file access.
1.2.3. Malware protection software engine deployed by FEWA IT and patterns shall be
up-to-date, updates shall take place regularly and whenever there are any new
patterns.
1.2.4. Centralized compliance monitoring and event reporting shall be deployed.
1.2.5. A full scan is scheduled on a weekly basis.

1.3 Server Antivirus

1.3.1. Suitable malware protection software shall be deployed and operating on
servers, which is able to check incoming, stored and outgoing emails including
attachments for malware
1.3.2. Malware protection software shall perform real-time scanning protection, which
is able to check any email
1.3.3. Malware protection software engine and patterns shall be up-to-date, updates
shall take place regularly and whenever there are any new patterns
1.3.4. Centralized compliance monitoring and event reporting shall be deployed.

1.4 Mail Gateway Antispam

1.4.1. Suitable Antispam software shall be deployed and operating on mail gateways,
which is able to check inbound traffic.
1.4.2. Antispam software shall perform real-time scanning protection, which is able to
check any inbound traffic and move any spam to the Spam Folder.
1.4.3. Antispam software engine and patterns shall be up-to-date, updates shall take
place regularly and whenever there are any new patterns.
1.4.4. Centralized compliance monitoring and event reporting shall be deployed.

1.5 Incident Handling and Communication

1.5.1. Administrators shall follow the FEWA incident management policy in case of any
malware detection which cannot be cleaned by the Malware protection

FEWA Internal
Page 6 of 8 Version 1.8
 software. If necessary or adequate, the vendor of the malware
protection/antispam software should be contacted to receive adequate
workaround or updates.

2. End User

2.1 User Behaviour

2.1.1. User shall only exchange information with business partners in compliance with
the Network and Communication Security Policy.
2.1.2. User shall take due care when accessing Internet services and exchanging emails,
following the Acceptable Use Policy.

3. Incident Handling and Communication

3.1.1. User shall report any real or suspected malware occurrence, e.g. unexpected
screen messages, chain letters information about new malware threats, requests
of specific user actions, and any problems with computer operations to the CISO.
3.1.2. End Users shall not attempt to solve the problem themselves but shall
immediately contact the CISO.
3.1.3. User shall note any important details of the incident, e.g. occurring malfunction,
messages on the screen, strange behaviour and report this to the CISO, in line
with the Incident Management Policy.
3.1.4. User will be informed and guided by the CISO about information on real (vs. hoax)
threats and the procedures for handling each type of attack.

4. Compliance
All users are requested to comply with this policy. In case of breach/violate, the user
would be subjected to disciplinary action. Violations shall be notified to IT Support and
HR. Strict confidentiality shall be maintained on all notified violations.

5. Related Documents
FEWA_ISMS_Network and Communications Security Policy
FEWA_ISMS_Incident Management Policy
FEWA_ISMS_Acceptable Use Policy

FEWA Internal
Page 7 of 8 Version 1.8
FEWA_ISMS_Management Review Form

FEWA Internal
Page 8 of 8 Version 1.8