It can be the difference between companywide cyber infection and business as usual. But many businesses don’t enact it. All too often this is down to a combination of a lack of knowledge and fear that it’s more complicated than it is. So, in the following blog, we’ll be outlining what you should know about application whitelisting before you start using it within your business.
So, what is application whitelisting?
It’s a cybersecurity method that predetermines what actions are allowed to be taken on a device. It consists of an IT Head listing a series of applications that a device can run. It’s quite a blunt instrument; allow this, don’t allow that. And can limit functionality. So, it’s important to do it carefully to cause as little frustration to the end user as possible.
Why it’s important
First and foremost, it’s a straightforward way to ensure better cybersecurity. Any malware or ransomware will be stopped in its tracks if it’s not on the whitelist. Very useful if you work in an industry that requires strict cybersecurity adherence. It can also optimise an IT system’s efficiency. By keeping the number of applications under an end user’s command to a minimum, less memory is used and less time is wasted managing licenses.
Dos and don’ts
If application whitelisting sounds like a plan, here are a few basic guidelines you’ll want to consider.
- Do develop a whitelisting policy. This is a detailed outline of what goes on the whitelist and why. Getting your whitelist right is imperative and this is the foundation of it.
- Don’t switch on your whitelisting all at once.
- Do it in phases to avoid any big disruptions to operations. Do group users with similar needs within the same whitelist. It’ll save time and make for fewer whitelists to be created.
- Don’t forget to maintain your whitelist. As software changes and updates, you may need to add and remove applications accordingly.
- Do deploy any whitelists you might be uncertain of in audit only mode. This is where everything besides the blacklisted applications are allowed to run.
As a general rule, application whitelisting is best deployed on computers in particularly risky environments – namely laptops that might be used to work from home and on central hosts that connect to the rest of the IT system. You also need to bear in mind that your application whitelisting policy should form part of your wider cybersecurity policy. You’ll still need a good firewall, endpoint security, cyber awareness training, etc. And if you’re serious about remote working – as many businesses are these days – then all of the above and more are cybersecurity non negotiables.
See how well your cybersecurity – and other factors – are prepared for our new world of remote work with our remote working assessment tool. Click below to use it.