Computer viruses and worms are a major threat to information security resulting in loss of data, damaging systems and disruption of networks. This document explains the guidelines recommended by the Asian School of Cyber Laws (ASCL) for minimizing exposure to computer virus and contaminant related problems.

This policy seeks to protect ASCL and its employees, students, consultants, licensees, lessees, franchisees, vendors, customers, and affiliates.

2.0 SCOPE

This policy applies to all employees, students, consultants, licensees, lessees, franchisees, vendors, customers, agents, and affiliates of ASCL and to all electronic transactions wherein one or more parties are one or more of the above-mentioned.

3.0 POLICY

Recommended processes to prevent virus problems:

1. Always run the ASCL-recommended anti virus software procured from the Information Security division of ASCL. Ensure that you run the current version and install anti-virus software updates, as they are made available by the Information Security division.

2. NEVER open any files or macros attached to an email from an unknown, suspicious or untrustworthy source. Delete these attachments immediately and then emptying the Trash.

3. Delete spam, chain, and other junk email without forwarding, in with ASCL's Acceptable Use Policy.

4. Never download files or email attachments from unknown or unauthorised sources.

5. Avoid direct disk sharing with read/write access unless there is absolutely a business requirement to do so.

6. Always scan a floppy diskette from an unknown source for viruses before using it.

7. If lab-testing conflicts with anti-virus software, run the anti-virus utility to ensure a clean machine, disable the software, then run the lab test. After the lab test, enable the anti-virus software. When the anti-virus software is disabled, do not run any applications that could transfer a virus, e.g., email or file sharing.

8. New viruses are discovered almost every day. Periodically check the Lab Anti-Virus Policy and this Recommended Processes list for updates.

9. Up-dation of anti-virus software should be done only through designated source.

10. DO NOT trust any other source for virus protection patches.

1. "computer contaminant" means any set of computer instructions that are designed-

   • to modify, destroy, record, transmit data or programme residing within a computer, computer system or computer network; or

   • by any means to usurp the normal operation of the computer, computer system, or computer network;

2. "computer virus" means any computer instruction, information, data or programme that destroys, damages, degrades or adversely affects the performance of a computer resource or attaches itself to another computer resource and operates when a programme, data or instruction is executed or some other event takes place in that computer resource;

5.0 REVISION HISTORY

This document is created on 15-01-2001 and has been last updated on 22-02-2003. Please note that this document is updated on a regular basis and the latest version can be obtained from: