Requirement 5: Use and regularly update anti-virus software or programs

Many vulnerabilities and malicious viruses enter the network via employees' e-mail activities. Anti-virus software must be used on all systems commonly affected by viruses to protect systems from malicious software.

5.1 Deploy anti-virus software on all systems commonly affected by viruses (particularly personal computers and servers)
Note: Systems commonly affected by viruses typically do not include UNIX-based operating systems or mainframes.

5.1.1 Ensure that anti-virus programs are capable of detecting, removing, and protecting against other forms of malicious software, including spyware and adware.

All machines on the network have Symantec Anti Virus Enterprise installed.  Each client is setup to run realtime protection for viruses and spyware.

 

5.2 Ensure that all anti-virus mechanisms are current, actively running, and capable of generating audit logs.

All computers log data to a centralized console for review by our network team.