Cyber Essentials Self Assessment: Malware Protection

This security wiki provides guidelines for implementing malware protection measures across your organisation's devices. Follow these recommendations to safeguard your desktop computers, laptops, tablets, and mobile phones from malware threats.

A8.1. Malware Protection Options:

Select all the options that are in use in your organisation to protect your devices from malware:

Option A: Anti-malware software is installed on all in-scope devices running Windows or macOS, including servers, desktop computers, and laptop computers.

Option B: Installation of applications is limited by using an app store and a list of approved applications or by employing a Mobile Device Management (MDM) solution.

Provide the necessary information for the selected options to accurately describe your organisation's malware protection practices.

A8.2. Anti-Malware Software Update Configuration:

If Option A has been selected, confirm whether the anti-malware software installed on your devices is configured to update in line with the vendor's guidelines and prevent malware from running upon detection. This ensures that the software remains up to date with the latest security definitions and offers real-time protection against malware threats.

A8.3. Web Page Scanning and Warning Configuration:

If Option A has been selected, indicate whether the anti-malware software or internet browser used on your devices is configured to scan web pages and issue warnings when accessing known malicious websites. This additional layer of protection helps prevent users from inadvertently visiting websites that could host malware or engage in malicious activities.

A8.4. Restriction on Installing Unsigned Applications:

If Option B has been selected, specify if users on devices utilising an app store or application signing are restricted from installing unsigned applications. Unsigned applications refer to those that have not been digitally signed or verified by a trusted entity. This restriction is commonly implemented in operating systems such as Windows S, Chromebooks, mobile phones, and tablets.

A8.5. Installation of Approved Applications:

If Option B has been selected, describe how your organisation ensures that users only install applications approved by your organisation on devices utilising an app store or application signing. Additionally, mention if your organisation maintains a list of approved applications. This can be achieved through measures such as Mobile Device Management (MDM) software, policy enforcement, processes, and staff training. The goal is to ensure that users only download and install trusted applications that have undergone appropriate scrutiny and meet your organisation's security standards.

By implementing robust malware protection measures, including anti-malware software, application restrictions, and user education, you can significantly reduce the risk of malware infections and enhance the overall security posture of your organisation's devices.

Note: Adapt these guidelines to align with your organisation's specific requirements and consult with cybersecurity professionals for tailored advice on malware protection.

Find out more about Periculo Cyber Essentials or contact us