Action on computer viruses

IT Services has been looking again at its response to the threat posed by computer viruses. The policy followed in St Andrews has always aimed at a compromise between too much and too little security.

Can there be too much security? Yes, there can, as people with older PCs found when Microsoft Word was taking two minutes to open a document because of the anti-virus "Gatekeeper" program. Here was a case when the "cure" was disproportionate to the risk, and these users plainly had to adopt an alternative strategy, or else get more powerful computers.

But there can also be too little security. Allowing your virus protection to get out of date, or failing to use it at all, can allow viruses to get past. So how big a problem is it? Some people, having seen viruses come and go without destroying any of their data, are thinking that the virus menace has been exaggerated. This may be so, but there are three points to bear in mind:

Some viruses are highly damaging, and can wipe your hard disk clean and perhaps cripple your computer.
Most are not in this category, but any virus infection, even a harmless one, is embarrassing. If you send an infected file to a colleague you will find yourself having to apologise, and you may feel foolish.
When a virus infection comes to light on your machine, you need to take action which may be time-consuming, and may come at an inconvenient time.

Therefore you should make sure you have an up-to-date copy of a virus protection package on your computer. IT Services make such software available for both Macs and PCs. You should devise a strategy that is suitable for your computer and your work-routine. The IT Services Help Desk can advise on this.

There are different mechanisms that virus protection software can use.

A "Gatekeeper" facility which examines every file that you try to open and interrupts with a warning if it appears to be infected. This is the best form of protection, provided your computer is powerful enough to use it without great loss of performance.
A checking program which you can initiate at will, to check a floppy disk received from outside or a document received via e-mail or downloaded from the Web.
A scheduled check that goes through your entire hard disk at a particular time of day, or when it detects that your computer has been idle for 15 minutes or so.
Specific checks for Word documents containing macros. Word documents can only be infected if they contain macros, so the Microsoft Word protection software works by warning you of any potentially damaging macros. If you get such a warning you should tell Word to disable the macros, unless you are sure they are genuine and harmless. If you don't know what a macro is, assume that they are infected.
Note that early versions of Microsoft Word do not have a macro facility and so cannot be infected. This includes Word 5.1 for Macintosh. However, version 6 of Word for Macintosh does have a macro facility, and so for Word 6 users there is the possibility of virus infection.

IT Services has updated the virus-related material on its "Frequently Asked Questions" pages on the Web. See: http://www.st-and.ac.uk/ITS/faq/virus

You will see that the advice contains three equally important headline points:

Viruses are only one of several threats to your documents and data. The first essential is to ensure that you have adequate backups. By the time you discover a virus, or other corruption, in your documents, your most recent copies may also be infected. So you need to keep several generations of backups, so that, in a bad case, you can go back to find a clean version.
Please forward any virus warnings you receive to the Help Desk, and not to all your friends!
There are many hoax virus warnings that are regularly distributed by e-mail: these messages usually tell you to distribute the warning to everyone you know. In these cases "the virus" is the warning itself, which plays upon people's apprehensions to generate vast amounts of network traffic.

IT Services is in a position to be able to judge (or find out) whether a particular warning is justified. Please do not send virus warnings on to other users, in St Andrews or elsewhere.
Make sure you have a recent version of some virus protection software. The Web pages referred to contain information on how to get copies of Disinfectant for Macintosh and F-Secure for PCs. If you have any difficulty installing this software, contact the Helpdesk.