What is the role of anti-virus software in your regulatory compliance efforts?

It's impossible to use an Internet-connected computer today without being surrounded by threats from viruses, hackers, and malicious code. But exactly which areas of the infrastructure are at risk is an oft-debated topic. Some popular views hold that client PCs are at risk and midrange servers are safe. Other views hold that the transmission process flows from the client PC to the midrange server. The first view is false. In today's interconnected environments, no system is immune to virus infection. The second view is true, but it's only part of the story.

The reality is that, while viruses may enter the environment through a client PC and travel to the server, the threat actually can flow both ways. Protection only on client PCs is insufficient to keep your network free from malicious code. A virus may enter the environment via the server, or it may enter via the client. Either way, once it's there, it needs to be identified and eliminated at the source.

Platform is not a distinguishing variable in this threat. You may be running IBM i, Linux, or AIX on a given server, and this may give a sense of security. All of these platforms, however, are vulnerable to virus and malicious code infection just like Windows. The difference is that, because the code may not execute on these systems, there are no symptoms to alert you to its presence. This creates a "Typhoid Mary" effect that can increase the danger. Just a quick jump to a client PC allows the code to run, and cleaning the infected client doesn't remove the virus. The result is repeated infection.

Understanding this danger, the authors of guidelines such as Control Objectives for Information and Related Technology (COBIT) and several sets from the National Institute of Standards and Technologies (NIST) have outlined the need for anti-virus on all systems. Lawmakers have also taken additional steps in the form of regulatory legislation to make certain that every organization covers all the bases. No doubt the implications of having sensitive information compromised are enough to motivate any IT manager to take a closer look, but regulatory requirements make this even more critical.

As a brief introduction to these regulatory guidelines and requirements, let's look at a key excerpt from the COBIT guidelines that is very specific to combating the threat of malicious code:

COBIT Objective DS5.19 covers "Malicious Software Prevention, Detection, and Correction." Paraphrased, DS5.19 states that, regarding malicious software, such as computer viruses or Trojan horses, management should establish a framework of adequate preventative, detective, and corrective control measures, and occurrence response and reporting. Business and IT management must establish procedures across the organization to protect information systems and technology from computer viruses. Procedures should incorporate virus protection, detection, occurrence response, and reporting.

In addition, an excerpt from NIST document 800-61 "Computer Security Incident Handling Guide" (page 5-4, 5.2.2) states that "antivirus software is a necessity to combat the threat of malicious code and limit damage. The software should be running on all hosts throughout the organization."

Selecting and deploying a native solution for every IBM i, Linux, and AIX server in your environment should be a key step in your efforts to better secure your information and to comply with regulatory legislation. For managers of midrange servers, there is an easy and consistent solution available called StandGuard Anti-Virus. Powered by McAfee, StandGuard Anti-Virus allows you to implement the same scanning engine and virus definition files across the entire environment, including IBM i, Linux, AIX, and even Lotus Domino. And because it uses the same virus definition files as McAfee's Windows solutions, you can truly create a consistent blanket across the entire network to meet the recommendations and requirements of regulations.

If you're interested in a more in-depth look at viruses, regulatory compliance, and midrange servers, take a look at the free white paper "The Modern Virus Threat and Regulatory Compliance" by visiting the StandGuard Anti-Virus information site at http://www.sgav.info/. A Webcast version of "The Modern Virus Threat" is also available.

If you're already working on advanced protection for your systems and have not yet added anti-virus to your toolkit, you can get a jump on this component by testing the McAfee-powered StandGuard Anti-Virus for IBM i, AIX, and Linux by requesting a free trial today.

Christopher Jones is principal and creative director of Stellar Debris and works with leading IBM Power Systems developers, including Bytware and PowerTech. He writes on a variety of topics related to the Internet, security threats, and the use of technology. Christopher lives in and works from Tokyo.