UnixTime

Research Note

Malware Protection Standard

Use this standard to define minimum malware protection requirements for endpoints, servers, mobile devices, cloud workloads, email, web access, file uploads, and removable media.

On this page

When to use this

Use this standard to define minimum malware protection requirements for endpoints, servers, mobile devices, cloud workloads, email, web access, file uploads, and removable media.

Standard requirements

Area Minimum requirement Owner Evidence
Endpoints TBD TBD TBD
Servers TBD TBD TBD
Mobile devices TBD TBD TBD
Email/web/file scanning TBD TBD TBD
Updates TBD TBD TBD
Infection response TBD TBD TBD

Minimum checks

  • Approved malware protection tools are defined.
  • Coverage expectations are defined by system type.
  • Update frequency and fallback manual update process are defined.
  • Real-time or scheduled scanning requirements are defined.
  • Infection response and escalation are defined.
  • User awareness requirements are defined.