A type of software used to prevent, detect, and remove malicious software. In the context of ISO 27001, antivirus is a key technical control used to protect against malware. It’s an essential part of an organisation’s overall strategy to maintain the confidentiality, integrity, and availability of information.
ISO 27001 Context
The ISO 27001 standard doesn’t specifically use the term antivirus, but antivirus is directly addressed under the control ISO 27001 Annex A 8.7 Protection Against Malware. This control requires a multi-layered approach to security that includes:
- Anti-malware software: This is where antivirus fits in. It must be properly installed and kept up to date on all relevant devices.
- User awareness: Training employees to recognise and avoid malware threats.
- Controlled access: Restricting access to unauthorised websites and software to prevent malware from entering the network.
- Regular monitoring: Continuously scanning systems and reviewing logs to detect any signs of malware.
Best Practice
Relying solely on antivirus software is not considered sufficient for compliance. ISO 27001 emphasises a defence-in-depth approach, where antivirus is just one of several integrated controls that work together to protect the organisation from evolving threats.