Antivirus Solutions on EC2 Instances

Supporting PCI Requirement 5 in AWS 
Your organization should take every precaution possible to protect itself against viruses, worms, ransomware, Trojans, etc. This is why PCI Requirement 5 calls organizations to protect all systems against malware and regularly update antivirus software or programs. Some organizations may find this requirement redundant because they have controls implemented to prohibit malware from entering their environment. To support comprehensive AWS security, though, any EC2 instance that you are operating needs an antivirus solution that detects, removes, and protects against all types of known malware.

In your AWS environment, you are responsible for implementing an antivirus solution on any EC2 instance that you are operating. This is for the purpose of PCI Requirement 5. A lot of times, we get push back on this one and people don’t see the reason for implementing antivirus because of other controls they’ve put into place to prohibit that type of malware from entering their environment. But for this requirement, you must have an antivirus solution for any EC2 instance that you’re operating. Unless you’re using some Linux flavor of an operating system, which then the requirement allows you to have some type of a process in place for checking those EC2 instances for any presence of malware. This might be more of a periodic check or some process that you utilize to inspect the presence of any malware in place in the operating system. For operating systems that are known for being affected by malware and other types of viruses, you definitely want to choose an antivirus solution that suites your needs. 

Related Videos