Medium

Purpose

Minimize risk of malicious attacks or via malicious software and identify vulnerabilities by implementing minimum operating standards as it relates to endpoint security software.

Standard

  1. The State's approved and centrally managed anti-malware and vulnerability solutions shall be installed and active on all State-managed devices.
  2. Endpoint security software and associated signatures shall be configured to automatically update when new releases become available.
  3. All incoming files will be scanned in real-time for malware.
  4. Vulnerability scans will be performed daily on workstations and weekly on servers.
  5. Files containing malware will be prevented from executing or will be deleted.
  6. Email shall be scanned in real time for malicious content through the State’s approved email solution.
  7. State-issued mobile devices shall have the State’s approved mobile device management software installed for devices that can effectively run the client.
  8. State’s approved mobile device management software shall implement additional security protections for non-state devices authorized to access state data.

Definition

Mobile Device - A mobile device is a handheld device with local storage, cameras and video recording capability which includes but is not exclusive to smart phones, smart watches and tablets. Mobile devices support the synchronization of local data with a different location such as a laptop, server or automated cloud backup.

Endpoint - Any physical system that connects to and exchanges information with a computer network (e.g. server, workstation, laptop).

Malware - malicious software, trojans, ransomware, backdoors, rootkits, viruses, and spyware.

Vulnerability - a flaw in code or design that creates security risk of an endpoint

Signature - The binary pattern of malware, used by the anti-malware program to detect and eliminate the malware.

Guidance

The intent is to have security protection on all devices that have the potential of malware exploitation.

Policy

Implement and maintain enterprise security protection solutions on state devices.

Scope

This standard applies to all executive branch state agencies including the University Systems Office but excluding other higher education institutions, i.e. campuses and agricultural and research centers.

Statement of Commitment

North Dakota's CIO directs that IT Policy be created to establish statewide information technology policies and standards as defined within ND Century Code (Chapter 54-59-09).

Governance and Compliance

Non-compliance with this standard shall be reported to the Office of the State Auditor.

Noncompliance to this standard has been classified as high-risk i.e. having impact on the integrity of enterprise information systems. Violations to this standard will result in NDIT operations taking immediate action to prevent enterprise risk prior to the reporting of noncompliance to the Office of the State Auditor.

Revision Number: 7
Effective Date: 2004-03-15
Revision Date: 2024-07-31
Last Reviewed: 2024-07-31

Previously named Anti-Malware Standard.