6.1  Reasons for Software Security Policies -- Software is a valuable resource that allows computers to do what you want them to do. Software can be stolen, copied, and corrupted in many ways. This is an expensive loss. Imported software or viruses can also cause damage to hardware, other software and data. 

 

6.2  Software security and acceptable use policy. It is important to keep software secure and under control. A list of acceptable software for the school's systems should be compiled. This is the software that the IT department will support. If school personnel need specific software for their work, permission should be obtained from the IT department or administration.

6.3  Virus Prevention, Detection, and Removal -- There are thousands of computer viruses, worms, Trojan horses, and other destructive programs. If they are imported onto a computer they can cause great damage. For that reason computer systems must be protected from these viruses with special anti virus programs that detect and remove these unwanted programs. Every computer should be equipped with a strong anti virus program. 

6.3.1  Regular virus list update -- New viruses are being created every day. And anti virus program companies are continually developing new lists of viruses and protection from them. For that reason, regular (i.e., weekly) updating of virus lists is imperative. 

6.3.2  Routine use of anti virus program -- An anti virus program should be running at all times when any school computer is in use. In addition regularly scheduled virus scans should be done or programmed so that the entire system can be screened for viruses. 

6.3.3  Scanning disks used from other systems. Disks from other systems that are used with school computers should be screened for viruses before use. This can be done automatically by adjusting the anti virus program's setting, or it can be done manually. 

6.4 Controlling Interactive Software. Interactive software includes games and other programs that require the computer operator to interact with the program in some way. These programs can be installed on a computer or they can be used over an internal or external network, such as the Internet. Some of these programs can be highly useful and therapeutic in a work setting, and others (i.e., some games) can take up valuable disk space and work time, and can introduce malicious code. Policies related to the use of only authorized software should address this kind of software. 


6.5 Software Licensing

6.5.1  All software used must be licensed to the organization or its representative using the software. Programs may only be used in the way that they are intended. For example, most software is licensed for one computer at a time use. That license should be respected. All licensing information and software documentation should be kept in a secure and readily accessible place.


6.6  Encryption. See the encryption discussion in Chapter 5.