Malware Protection Policy

The purpose of this policy is to protect the information systems at UTAS-Sur from malicious software threats, such as viruses, worms, Trojans, and email bombs. 

This policy applies to all members of UTAS-Sur, whether on a temporary or permanent basis as well as any third parties working with or contracted by the university, it covers all environments where the university’s information systems are operated. 

Information Systems and Educational Technologies Center.

‏Assistant Vice Chancellor for UTAS – Sur.

Any violation of this policy by all members or third parties (suppliers, contractors, business partners, etc.) will be subject to disciplinary and legal actions in accordance with the laws of the Sultanate of Oman, including regulations related to cybersecurity, university’s policies, labor laws, and electronic transactions. 

Use of Internationally Recognized Anti-Virus Solutions: 

• UTAS-Sur must implement a well-defined mechanism for detecting, preventing, and responding to malicious code threats. 

• A centrally managed and continuously updated antivirus program must be installed across all university systems and infrastructure. 

• Recommended using the EDR system instead of known Antivirus software to detect and respond any polymorphic malware and resistant to zero-day attack. 

Detection and Prevention of Malicious Code: 

• All devices, whether owned by the university or external entities, must be scanned for malware before connecting to the UTAS network using proper Network Access Control (NAC) service. 

• UTAS-Sur must deploy EDR/antivirus solutions at key entry points to prevent malware infiltration. 

• EDR/antivirus software and its definitions must be updated daily or immediately upon new threat discoveries. 

• Users must be restricted from disabling or uninstalling security tools on university systems. 

• All devices connected to the UTAS-Sur. systems, including USB drives and removable media, must be scanned before use. 

 

 User Responsibilities: 

• Users must exercise caution when downloading files from the internet. 

• Users must not open email attachments or execute files from untrusted sources. 

• Tampering with or disabling EDR/antivirus solutions installed on university systems is strictly prohibited. 

• Any suspected virus infection or unusual system behavior must be reported immediately to the Information Systems and Educational Technologies Center Team.

• Users must ensure that any externally sourced digital media is scanned before use on university systems. 

 

 Removal of Malicious Code: 

• Any system found to be infected with malware must be immediately isolated and sanitized. 

• UTAS-Sur must enforce automated removal of malware through centrally managed security tools. 

• Incidents involving malware attacks must be documented, analyzed, and mitigated according to the university’s security protocols.

 

This policy shall take effect from the approval date.