Whitelisting ensures that employees can take only actions that are approved by administrators.
Organizations need to implement whitelisting for their devices as a part of their cyber-security strategy. CIOs need to collaborate with the IT staff to diagnose and block spurious codes, create a list of applications that a mobile or a computer is allowed to access. When the employee has a limited range of functionality and access, the chance of cyber-attacks is highly reduced.
IT leaders state that whitelisting is a modern and extreme lockdown method, it can prevent cyber-security issues if implemented correctly. Without proper implementation and administration, this measure can be quite frustrating and inconvenient for the employees and end-users. While CIOs state that blacklisting is the more familiar measure of cyber-security strategy, and a majority of anti-virus and anti-malware programs work it, the biggest disadvantage of the blacklisting strategy is that the software needs to be constantly updated to prevent cyber-attacks. An anti-virus program won’t be able to protect the organization from a “zero-day” attack.
IT staff state that whitelisting is the opposite of blacklisting. Once a machine is whitelisted, all websites are blocked/ blacklisted except the administrator approved sites. IT security professionals state that the disadvantage of this strategy is that it restricts employee freedom on the work computers. CIOs state that building a “whitelist” is cumbersome and complex. A blacklist can be common across different organizations but whitelist needs to be unique for each organization.
CIOs state that application whitelisting is a deterrent against two types of security threats. Malware, ransomware, and keyloggers will not gain access to the organization data if they are not present on the whitelist. Individual departments trying to install unapproved or unlicensed programs on the computer which are not present on the whitelist will be stopped immediately.
IT security teams state that whitelist is a good tool to fight shadow IT. CIOs need to deploy a security measure that can block malware and other unwanted software.
Best practices for whitelisting
1] CIOs need to ensure to deploy whitelist strategy in a phased manner so that the enterprise-wide operations are not disturbed.
b] IT department has to ensure that the list is correct, a good whitelisting strategy is as good as the list. CIOs need to treat the strategy as an auditing opportunity to choose the applications that can be installed across the organization’s IT infrastructure.
c] CIOs need to ensure that the IT department maintains the whitelist. IT is dynamic and new software will be necessary for the organization to fulfill its business.
Best-case scenarios to implement the strategy
CIOs need to realize that while whitelisting is not a solution for all issues, it can be fitted into a larger security landscape implemented in the organization.
1] Computers and networks connected to a high-risk environment
2] Devices whose users do not have administrative privileges
3] Centrally managed hosts and servers connected to other computers.