Implementing a virus checking system in your digital preservation workflow is an important step to protect your collections from viruses, malware, and other malicious software. Virus checks can help to detect and remove any threats that could damage or corrupt your files, helping to ensure their longevity and accessibility- and the safety of other content in your digital archives.
The National Archives note that virus checking is an essential step in building a digital archive. The tricky part- how exactly do I implement virus checking in my digital preservation workflow?
The first step in implementing a virus checking system is to choose your virus scanning software. It's important to select reliable and reputable software that is frequently updated to ensure your files are checked against up-to-date sources.
Popular free options include AVG and the open-source tool ClamAV. Some solutions will be less specialised to the task of scanning your collections in bulk, and some may support additional features like command-line tools that can greatly increase the efficiency of your workflow- at the cost of ease-of-use. Your choice should consider how well the software integrates with your existing workflow, and how complex it will be to manage an effective virus checking policy with your chosen tools.
Ultimately, you can opt to make use of whatever virus scanning solutions your organisation already subscribes to; but you'll likely miss out on many of the powerful workflows using a tool with command line features like ClamAV enables.
Curate, our Digital Curation platform, automatically scans every file you upload using both signature and heuristic-based checks- Try it out with one click by checking out our demo and uploading a file.
2. Define your virus checking policy
Once you have selected a virus scanning software, the next step is to define your virus checking policy. Digital archiving best-practice guidelines commonly recommend a 30-day quarantine period. This means that any files that have been introduced to your system are quarantined in an isolated location for 30 days. This allows time for any potential threats to be identified and contained before the files are released back into the workflow.
The practicality and ease of implementing and managing this policy is a entirely different question, in-fact it can be incredibly challenging to define the finer details of how to ensure your policy is adhered to. On their excellent blog UK Digital Preservation community contributor Rachel MacGregor notes about their experience implementing a 30 day quarantine policy:
"So the next question is - how do I manage the quarantine process? I can find very little written about the nitty gritties of this - any pointers gratefully received. In the meantime: Outlook calendar reminder..." - Do not attempt this at home, an old hand digital.
It's worth addressing these issues ahead of time: how will you manage your quarantined files? How will you ensure the 30-day release scan is carried out?
You could use Curate to automate the entire quarantine and release process, without having to constantly worry about the ongoing status of your quarantined files or the safety of your collections.
3. Define scanning actions
Once the virus checking policy has been determined, you will need to define the actions to be taken when a threat is detected. It's essential to prepare a plan to action immediately when a file is found to be compromised in order to protect your collections and pre-ingest files. You might want to investigate the deposit the infected file came from to ensure there's no more malicious content, or potentially even contact the source of the acquisition to prevent any future incidents.
You should follow the advice of your local Digital Preservation authorities recommended best-practice on how to treat compromised content, but it's imperative to ensure the rest of your collections are immediately safe from any threats. Curate instantly isolates any infected content in a secure location and clearly identifies it, allowing you to either destroy or safeguard it while you investigate the source.
4. Monitor, Protect
After the scanning has been completed, it is important to monitor the ongoing efficacy of your workflow. If the implementation you have settled upon is too complex, or something is preventing you from efficiently scanning all of your collections, it could be valuable to reassess your options. Review your results frequently to ensure that your tools and virus checking policy are up-to-date and functioning smoothly. Keeping a log of scanning results can also help to track and identify any potential issues, or allow you to enrich your preservation metadata later.
Implementing a virus scanning system in your digital preservation workflow is an important step to ensure the usability and accessibility of your digital archives. By selecting reliable virus scanning tools, setting up an effective policy following best-practice and frequently reassessing your workflow, you can ensure that your collections are protected from threats and that their longevity and accessibility are maintained.
Seek out the latest guidelines and information from your local Digital Preservation authority. For more information on guidelines that inform this article, visit:
Try out the live Curate demo to see how easy it can be to take care of this entire process completely automatically!
Curate, Preserve, Protect.
Preservica and the Preservica logo are trademarks of Preservica Ltd.
Artefactual, Archivematica and the ‘a’ logo are trademarks of Artefactual Systems Inc.
Curate™ is a trademark of Penwern Limited.