Security

03:35 PM
Becca Lipman
Becca Lipman
Commentary
Connect Directly
Facebook
Google+
Twitter
RSS
E-Mail
50%
50%

Application Whitelisting Increasingly Applied in Cyber Security

Innovations in application whitelisting solutions are helping IT teams more efficiently and flexibly automate and manage lists of approved applications.

In financial services and healthcare industries application whitelisting is becoming an increasingly important tool for defending against malware attacks, says Bob Janssen, founder and CTO of RES Software, an enterprise software solution firm.

Application whitelisting is the longstanding IT administrative practice of sand-boxing computers and networks from various applications, denying applications that are not explicitly approved by IT. New applications are denied execution on the server by default, limiting the company's exposure to malicious applications and stopping users from updating to versions of approved applications that may have some yet-unsolved security holes.

Although whitelisting is effective in blocking malware, it is much more difficult to manage than it sounds. Employees want to install whatever they like (BYO Application, if you will), and slow speed of approval from IT admins makes the process onerous for end-users and the IT staff. The list of approved applications and vendors, and controlling who has access to what, is difficult to manage. Handing out the local administrative privileges to install applications creates vulnerabilities. Most irritating of all, whitelisting has a history of blocking non-malicious applications, which has prevented users from getting the most out of their systems.

Add in complications of mobile devices, and it's not hard to see why whitelisting has often been foregone for the opposite (and arguably less secure) blacklisting approach, which approves all applications except those specifically identified as malicious or noncompliant.

But new automated approaches to application whitelisting are making those constraints more manageable, and it's spurring adoption by high-security-minded industries, observes Janssen. Customer-centric IT solutions are allowing IT admin to pre-approve certain applications, so when users go to install those applications they are able to launch without requesting special permissions. Certain populations of users can be given extra privileges to launch more sensitive applications.

"IT staff would like to keep everyone on a regular user account," says Janssen. "They can program the solution to trust these vendors, or approve only certain versions of a software, so when it's time to install something we can elevate that installation without users asking for privileges. That goes a long way."

Whitelisting solutions are also offering more flexibility, rules, and filters with the range of requirements they can implement. Some firms allow users to upload anything as long as it's on the approved vendors list, or exactly control the software version (for example, allowing the installation of Adobe Reader, or only certain versions of the software).

Whitelisting has also become more contextual, adopting controls depending on where the user is located. A roaming user may not have access to certain applications, or have the applications shut down when out of range and unable to access information. "Security has become very dynamic -- it really depends on the exact moment in time, what is locally available, and so on."

Whitelisting goes against consumerization, which is about instant gratification, Janssen adds. "Imagine you request something in the app stores and have to wait weeks for it to be delivered. We see the same thing in IT, but users want access instantly." He says IT teams that take on traditional whitelisting tools that don't offer flexibility for self-servicing are doing themselves and the end-users a disservice. "As a company, we believe in consumerization. It can go hand-in-hand with user experience, but it needs to think about compliance and security as well as user freedom."

Modern whitelisting solutions are part of a trend of automating IT to help leverage infrastructure in an efficient way, says Janssen. "If you have a serious issue and need to solve it quickly, you need to rely on powerful automation. Speed of delivery from an automation standpoint is key, especially when the issue is security."

Becca Lipman is Senior Editor for Wall Street & Technology. She writes in-depth news articles with a focus on big data and compliance in the capital markets. She regularly meets with information technology leaders and innovators and writes about cloud computing, datacenters, ... View Full Bio
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
Register for Wall Street & Technology Newsletters
Video