Q

Best practices for using restriction policy whitelists

Ed Skoudis discusses which systems should be considered for software restriction policy whitelists, and unveils how whitelisting can improve security.

When dealing with application permissions, does the number of "good" applications make whitelisting an unreasonable option?
I recently wrote a brief tip about how to configure such restrictions in Windows using Group Policy, as well as the capabilities of new enterprise endpoint security suites. Applying this concept depends on the particular computer system and its use.

For a general-purpose computer used for all manner of things (surfing the Web, reading email, running enterprise applications, evaluating new software, etc.), such restrictions are highly unwieldy and difficult to keep up to date. But, for a computer that doesn't have to do very many different things (like one used for just reading email and surfing the Internet with a small number of helper applications), such restrictions can greatly...

improve security. Unfortunately, most enterprise systems fall somewhere in the middle of these two extremes.

I recommend surveying system administrators to determine where your organization has pockets of relatively simpler computers, and then start using them to experiment with software restriction policy whitelists. Gradually move up to more complex classes of systems over time, until you reach the point of diminishing returns in maintaining such lists from an operational perspective. That point will likely be reached quickly, keeping whitelists on only the simplest of computers. Still, for those boxes, security will have improved significantly.

For more information:

This was first published in April 2008

Dig deeper on Securing Productivity Applications

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close