Skip to content

FDIC Guidance on Developing an Effective Computer Virus Protection Program

The FDIC issued guidance to banks on developing an effective computer virus protection program. FIL 62-2004 on June 7, 2004 emphasizes the importance many banks have on using technology and using it to communicate with customers. Email was emphasized, but we see with Scob (JS.Scob.Trojan) that banks should look further. Some considerations the FDIC mentions include:

  • virus protection should be a part of your information security program
  • installation and maintenance/updates are critical and should be addressed at desktops, laptops, servers and gateways
  • employees should be trained on how to protect their systems and about email attachments
  • maintain the operating systems with updated patches and releases
  • consider what attachments should be allowed based on their extension and possibility of carrying a virus
  • scan programs prior to uploading
  • perform periodic audits to test your anti-virus program
  • provide multiple layers of protection

Use an alert service so you know when an attack is beginning. Anti-virus programs cannot stop an attack until they know what is there. So those initial systems infected by a new virus have no protection, but lead to the development of the protection. Early notification raises your awareness level to be additionally cautious and to update your programs as soon as a release is out.

First published on 06/29/04

First published on 06/29/2004

Filed under: 
Filed under technology as: 

Banker Store View All

From training, policies, forms, and publications, to office products and occasional gifts, it’s available here:

Banker Store

hot right now

image description

Looking for effective, convenient training on a particular subject?

BOL Learning Connect offers more than 200 courses ON-DEMAND or on CD ROM from AML to Reg Z and every topic in between.

Search Topics