Maintain a Vulnerability Management Program Clause Samples
The "Maintain a Vulnerability Management Program" clause requires an organization to establish and operate ongoing processes for identifying, assessing, and addressing security vulnerabilities in its systems and software. This typically involves regularly scanning for vulnerabilities, applying patches or updates, and monitoring for new threats that could impact the organization's technology environment. By mandating these practices, the clause helps ensure that security weaknesses are promptly managed, reducing the risk of exploitation and supporting the overall integrity and safety of the organization's information systems.
POPULAR SAMPLE Copied 2 times
Maintain a Vulnerability Management Program. 2.1 Keep operating system(s), firewalls, routers, servers, personal computers (laptops and desktops) and all other systems current with appropriate system patches and updates.
2.2 Configure infrastructure such as firewalls, routers, servers, tablets, smart phones, personal computers (laptops and desktops), and similar components to industry best security practices, including disabling unnecessary services or features, and removing or changing default passwords, IDs and sample files/programs, and enabling the most secure configuration features to avoid unnecessary risks.
2.3 Implement and follow current best security practices for computer virus detection scanning services and procedures: Use, implement and maintain a current, commercially available anti-virus software on all systems, if applicable anti-virus technology exists. Anti-virus software deployed must be capable to detect, remove, and protect against all known types malicious software such as viruses, worms, spyware, adware, Trojans, and root-kits. Ensure that all anti-virus software is current, actively running, and generating audit logs; ensure that anti-virus software is enabled for automatic updates and performs scans on a regular basis. If you suspect an actual or potential virus infecting a system, immediately cease accessing the system and do not resume the inquiry process until the virus has been eliminated.
Maintain a Vulnerability Management Program. 2.1 Keep operating system(s), Firewalls, Routers, servers, personal computers (laptop and desktop) and all other systems current with appropriate system patches and updates.
2.2 Configure infrastructure such as Firewalls, Routers, personal computers, and similar components to industry best security practices, including disabling unnecessary services or features, removing or changing default passwords, IDs and sample files/programs, and enabling the most secure configuration features to avoid unnecessary risks.
2.3 Implement and follow current best security practices for Computer Virus detection scanning services and procedures: • Use, implement and maintain a current, commercially available Computer Virus detection/scanning product on all computers, systems and networks. • If you suspect an actual or potential virus, immediately cease accessing the system and do not resume the inquiry process until the virus has been eliminated. • On a weekly basis at a minimum, keep anti-virus software up-to-date by vigilantly checking or configuring auto updates and installing new virus definition files.
2.4 Implement and follow current best security practices for computer anti-Spyware scanning services and procedures: • Use, implement and maintain a current, commercially available computer anti- Spyware scanning product on all computers, systems and networks. • If you suspect actual or potential Spyware, immediately cease accessing the system and do not resume the inquiry process until the problem has been resolved and eliminated. • Run a secondary anti-Spyware scan upon completion of the first scan to ensure all Spyware has been removed from your computers. • Keep anti-Spyware software up-to-date by vigilantly checking or configuring auto updates and installing new anti-Spyware definition files weekly, at a minimum. If your company’s computers have unfiltered or unblocked access to the Internet (which prevents access to some known problematic sites), then it is recommended that anti-Spyware scans be completed more frequently than weekly.
Maintain a Vulnerability Management Program. ● Keep operating system(s), firewalls, routers, servers, personal computers (laptop and desktop) and all other systems current with appropriate system patches and updates in accordance with MUIS’s procedures. ● Configure infrastructure such as firewalls, routers, personal computers, and similar components to industry standard security practices, including disabling unnecessary services or features, removing or changing default passwords, IDs and sample files/programs, and enabling the most secure configuration features to avoid unnecessary risks. ● Implement and follow industry standard security practices for computer virus detection scanning services and procedures.