Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs
Antivirus must be installed on all workstations and servers that are commonly affected by malware. This includes both Windows and most Linux systems. Antivirus software must be capable of detecting, protecting against, and removing all types of malicious software. Antivirus signatures must be updated regularly, and scans must be performed periodically. Logs from antivirus software must be collected and stored according to requirement 10.
Only administrative users should be able to disable or change the configuration of antivirus software.
Go on to Requirement 6 - Secure Systems.
Go back to Requirement 4 - Data Encryption.