
This post continues our EstesCloud IT Security blog series on the importance of cyber security, which began with why you should write a security policy. This edition covers malware.

A server malware protection policy is designed to protect your systems from cyberattacks. Malware is software intended to damage or disable computers or computer systems. It can be code, spyware, cookies, viruses, worms, Trojan horses, and more that compromise your PC and possibly your whole network! Infections can be very expensive to correct, not just in lost productivity, but also in equipment restoration or replacement.

Malicious software typically enters in 6 ways:

  1. E-mail attachments
  2. E-mail links to suspicious websites
  3. Website surfing to problematic websites
  4. Website links to malicious sites
  5. Exploiting vulnerabilities in the hosts, communication networks or perimeter systems.
  6. Convincing a user to install infected software/apps

How to create a server malware protection policy

Why a malware policy?

Just as with any policy, you will begin with the “Why”. Why are you creating the policy?  Presumably it’s to minimize the likelihood and the subsequent impact of an infection.

Who does it apply to?

Define and clarify the scope of the policy. What equipment is included?

What are we talking about?

Create some definitions about the vocabulary being used such as:

What is malware?

What damage can it cause?

What is an anti-virus program?

What is filtering software?

How is the malware policy activated?

Where do we go for additional resources?

The malware policy itself:

State what the policy is. Suggestions include:

  • What the anti-virus program is, who installs it and what devices require installation.
  • What to do in case of new devices, suspected infection, suspicious or problematic software links.
  • How and when scans should be run and if they are manual or automatically scheduled.
  • How the software should be monitored and updated, and how the required updates are managed.
  • Rules about installing applications, downloading information, updating software, and opening attachments.
  • The use of filtering programs such as website blockers and e-mail scanning.
  • Rules about spam, junk mail, chain e-mails, social sites and any other applicable areas of potential risk.

A malware policy response plan

Sometimes all the policies, plans and procedures can’t stop a cyberattack, in which case you may consider a malware response plan. This response plan should be included as part of the malware policy.

The malware policy backup plan kicks into action when there is an infection or a threat. It is typically a flow chart of action steps to mitigate as much damage as possible.

Step 1

Determine if there is a threat and how significant it is.

Step 2

Isolate the problem. The solution may require blocking internet services or shutting down a server or workstation to prevent further infection.

Step 3

Remove the problem. This is what the anti-virus programs are designed for. It may simply be a scan, repair, re-installing the OS from original disks, or even replacement of equipment.

Step 4

Recovery. Once the problem has been isolated and eliminated, check the systems for any other problems.  Depending on the depth of infection, you might consider the venerable “format C:” to remove most (but not all!) infections.  Be careful you don’t re-infect your system as you restore data, and make sure you close the attack vector so you don’t get re-infected!  It is absolutely essential that your backup and disaster recovery plan be 100%, as some infections (like CryptoWall) cannot be removed!

Step 5

Communication. Talk about how the malware was able to cause damage. Discuss the situation with users and make any needed adjustments with the IT company to avoid it happening again in the future.

The bulk of information involved in a malware policy is in the communication to users about what it is, how it can be prevented and what to do in case there is an infection.

See SANS for a sample malware policy at https://www.sans.org/security-resources/policies/retired#server-malware-protection-policy

With EstesCloud ServerCare, ClientCare, and our HIPAA ComplianceCare, antivirus and filtering software is installed to help reduce incidents, as well as to provide support if there is an issue.
