See the Information Security Framework Virus/Malware Protection standard for current requirements.
Computer viruses/malware (including trojans, worms, etc.) represent a substantial risk to the University community in terms of time, money, and potential data loss. The sophistication, damage, and speed of propagation continue to increase.
To protect against the spread of viruses/malware on University computers and reduce institutional risk, the University uses a "two-tier" approach. Two-tier protection means that anti-virus software is used on both the desktop and server systems. This is a common practice for protecting information technology resources on large complex networks and provides a layer of protection beyond that of the basic security requirement of regularly updating and patching the computer system.