Atlassian announces end of life for OpsGenie. Looking to switch? We're here to help -- Learn More ➡️
Menu

Anti-Virus & Anti-Malware Policy

1. Introduction

PagerTree is committed to maintaining a secure environment that protects the confidentiality, integrity, and availability of information entrusted to us by our customers. As part of our security program, PagerTree implements strong anti-virus and anti-malware controls across systems, devices, and cloud infrastructure used to deliver our services.

This policy outlines the safeguards PagerTree uses to prevent, detect, and respond to malicious software.

2. Purpose

The purpose of this policy is to define the technologies, processes, and responsibilities involved in protecting PagerTree systems from malware, including viruses, trojans, ransomware, spyware, and other harmful code.

3. Scope

This policy applies to:

  • All PagerTree-managed laptops, workstations, and servers
  • All cloud infrastructure and production systems supporting the PagerTree platform
  • All employees, contractors, and approved third parties with access to PagerTree systems or data

4. Anti-Malware Controls

4.1 Endpoint Protection

PagerTree deploys approved anti-virus and anti-malware solutions on all company-managed endpoints. These solutions include:

  • Real-time scanning and behavioral monitoring
  • Automated threat detection and alerting
  • Protection against known and emerging threats

Users may not disable, uninstall, or bypass endpoint protection technologies.

4.2 Automatic Updates

To ensure continued effectiveness:

  • Malware signature updates and detection engine updates occur automatically
  • Operating system and application security patches are applied promptly
  • Systems that fail to update within required timeframes are investigated and remediated

4.3 Scheduled Scans

All PagerTree-managed endpoints perform:

  • Full system scans on at least a weekly basis
  • Quick scans daily or through continuous real-time scanning mechanisms

4.4 Cloud & Production Systems

PagerTree hosts its services in secure, managed cloud environments. Production systems are protected through one or more of the following:

  • Endpoint or server-level anti-malware tools
  • Runtime protection and behavioral monitoring
  • Container image scanning and validation prior to deployment
  • Cloud-native malware and integrity protections (e.g., immutable infrastructure, allow-listing)

Threat events within production environments are logged and reviewed regularly.

4.5 Detection & Response

When malware is detected:

  1. The affected device or workload is isolated or quarantined as appropriate
  2. Alerts are recorded in PagerTree’s monitoring systems
  3. The Security team investigates, triages, and remediates the threat
  4. High-severity incidents undergo documented root-cause analysis and corrective actions

4.6 Removable Media

To reduce risk of malware introduction:

  • Use of removable media (e.g., USB storage) is restricted
  • Any approved removable media is automatically scanned upon connection
  • Customer data may not be stored on removable devices

4.7 Third-Party Access

Vendors and contractors with access to PagerTree systems must maintain security controls equivalent to PagerTree’s, including up-to-date anti-malware protection.

4.8 Logging & Monitoring

Malware detections and related events are logged and retained in accordance with PagerTree’s security logging policies. Security alerts are reviewed by designated personnel.

4.9 Employee Responsibilities

All employees and contractors must:

  • Follow PagerTree security policies
  • Report suspicious behavior or potential malware activity immediately
  • Complete required security and phishing awareness training

5. Compliance

This policy supports PagerTree’s compliance with:

  • Industry-standard security best practices
  • Contractual security obligations
  • Applicable state and federal requirements

PagerTree maintains and regularly updates malware protections based on evolving threats and technology changes.

6. Review and Maintenance

This policy is reviewed at least annually or whenever significant changes occur to PagerTree’s systems, operations, or threat landscape. Updates are approved by Executive Management as part of PagerTree’s Information Security Program.

For questions regarding this Anti-Virus & Anti-Malware Policy, please contact security@pagertree.com.