Skip to main contentSkip to main navigationSkip to footer content

Anti-Virus and Security Measures Policy

Policy Purpose

This policy defines security measures such as Anti-Virus and OS updates to protect campus computing devices against viruses, rootkits, and other forms of malware. This is a security standard and is required for the University in order to align with UA System security and auditing mandates.

Policy Statement

It shall be the policy of the University of Arkansas-Fort Smith to adhere to the security measures outlined in the Policy Procedure section. 

Applicability

This policy applies to all University computing devices, as well as all personal and 3rd party devices that connect to the University wired and wireless network. 

Definitions

OS – Operating System

Policy Procedure

Windows Workstations and Laptops:
1. UAFS Windows workstations are required to run up to date Anti-Virus.
2. Anti-Virus scans are to be run nightly.
3. Personal and 3rd party Windows OS laptops or workstations must have Anti-Virus installed along with up to date definitions.
4. Personal devices are not allowed to connect to the wired network. They must connect to the UAFS wireless.
Phones, Tablets, and Misc Devices:
1. Phones, tablets, and smaller computing devices are not required to run Anti-Virus to connect to the UAFS wireless. These devices should have their OS (Apple, Android, Google, Microsoft, etc) kept up to date with the latest releases for proper security protection.
Windows Servers:
1. UAFS Windows Servers are required to run up to date Anti-Virus.
2. Anti-Virus scans are to be run nightly at a minimum.
Apple Devices (iMacs, MacBooks, iPads, etc)
1. Apple devices have security protection built into the OS.
2. Apple devices should have the all critical and important OS and security patches installed as they become available so the Apple security protections can be kept up to date. 
Linux servers and workstations:
1. Redhat recommends the following minimum measures must be used for linux security.
a. Devices must be kept up to date with the latest critical and important OS and security patches as they become available.
b. IP tables or other firewalls must be in place.
c. Untrusted code must never be installed on the system
d. Users must use the sudo command and not use root, except under special circumstances.

Enforcement

1. If personal devices are found to have malware installed, they will be disconnected and locked out of the wireless network, until the situation is corrected to the satisfaction of the IT department.
2. University devices found to have malware installed will be scanned remotely or picked up by the Service Desk until the situation is corrected to the satisfaction of the IT department.

Policy Management

This policy is managed by the IT department. The IT Director and appointed IT personnel are the primary administrators of this policy. The responsible executive is the VCFA.

Exclusions

Exclusions will be taken on a case by case basis by the IT department.

Effective and Approved Date

This internal policy was approved by Terry Meadows – Director of IT/CIO on 3/9/2023

Last Updated

Last updated by Terry Meadows – Director of IT/CIO on 9/10/2025 with formatting changes.