MDR100T@ODUVM.BITNET (Margie Rogis) (06/19/89)
Here at Old Dominion University, our internal auditors have asked that a virus policy be adopted. We are forming a working group, composed of a mainframe systems person, pc/lab person, and academic services person. I joined this list in the hopes of learning from those who have gone before! I am seeking any advice, or policies set up by other institutions which could help us define our own. I suppose we would like to address prevention, detection, and recovery, as well as procedures for dealing with anyone caught trying to infect any of our systems. Any responses would be GREATLY appreciated.
kelly@uts.amdahl.com (Kelly Goen) (06/22/89)
Hi margie, having dealt with this problem as a consultant at a couple of silicon valley corps I have just one issue to raise from your article. In most cases the person who is the human causative agent in the spread of an infection is in most cases totally unaware that some of the disk that he/she/it is using are infected... thus it is kind of hard to discipline that person... what could be done instead is to set up a test cpu that the software can be run on first to attempt to detect evidence of infectious agents(of course if the virus in question has a sufficiently long pre-trigger level even that may not be sufficient) (n.b. a pre-trigger is used in this context to describe an interval that the virus will not manifest its infectious capability) kelly goen CSS Inc.
lmi312@leah.Albany.EDU (TheBabeWithThePwr) (06/26/89)
> Here at Old Dominion University, our internal auditors have asked that a > virus policy be adopted. We are forming a working group, composed of a > mainframe systems person, pc/lab person, and academic services person. > > I joined this list in the hopes of learning from those who have gone > before! I am seeking any advice, or policies set up by other > institutions which could help us define our own. > > I suppose we would like to address prevention, detection, and recovery, as > well as procedures for dealing with anyone caught trying to infect any > of our systems. > > Any responses would be GREATLY appreciated. Although there is no real policy set at my school, SUNY Albany, there was a student who did write and release a virus on our system. To the best of my knowledge, he was fined and disusered...supposedly he is now attending MIT.