The entity implements controls to prevent or detect and act upon the introduction of unauthorized or malicious software to meet the entity’s objectives
The ability to install applications and software is restricted to authorized individuals
Processes are in place to detect changes to software and configuration parameters that may be indicative of unauthorized or malicious software
A management-defined change control process is used for the implementation of software
Antivirus and anti-malware software is implemented and maintained to provide for the interception or detection and remediation of malware
Procedures are in place to scan information assets that have been transferred or returned to the entity’s custody for malware and other unauthorized software and to remove any items detected prior to its implementation on the network.
- CHG-02.1 - Prohibition Of Changes
- END-04 - Malicious Code Protection (Anti-Malware)
- END-06 - Endpoint File Integrity Monitoring (FIM)
- END-07 - Host Intrusion Detection and Prevention Systems (HIDS / HIPS)
- MON-01.7 - File Integrity Monitoring (FIM)
- NET-03 - Boundary Protection
- NET-08 - Network Intrusion Detection / Prevention Systems (NIDS / NIPS)