Application Whitelisting - Worth a look?

silhouette of a person

Written By: Nigel Stanley
Published: 8th December, 2009
Content Copyright © 2009 Bloor. All Rights Reserved.

I recently had an interview with Lumension chatting about whitelisting. Is it coming of age?

Application whitelisting, which is the notion of only allowing pre-determined applications to install and run on a network, is gaining a lot more mindshare from security teams than ever before. Once in place and properly configured, an IT estate protected in this way should be able to prevent unapproved software code or applications from being installed.

Of course, whitelisting is only one part of the information security mix.

Forgetting the world of automatic downloads and so on, one big question I always ask when discussing whitelisting to security people is, whether they see users trying to install unauthorised applications on their work systems. In most cases this doesn’t happen, due to workstation lockdown and techniques such as whitelisting, but when it does, it is interesting to understand the motives of the user in question. This applies especially if the user is trying to install an application to help with their job. If this is the case then we, as information security people, need to see how we can quickly facilitate what is probably a justifiable business need.

At this point I get right on my hobby horse—delivering business benefit is what we security people are all about. Too many people lose sight of this, and application whitelisting must be seen as an enabler for business benefit. I’ll get off my hobby horse now!

For the whole interview check out http://blog.lumension.com/?p=2425.

Post a comment?

We welcome constructive criticism on all of our published content. Your name will be published against this comment after it has been moderated. We reserve the right to contact you by email if needed.

If you don't want to see the security question, please register and login.