Application whitelisting
A
fter rolling out a whitelisting solu- tion was deployed remotely, enabling the tricked into downloading and installing
tion on thousands of endpoints, IT department to manage the product a potentially malicious piece of soft-
the IT security department at through a centralized web console. ware,” Fahey says. “With the policies
staffing and recruiting agency Man- Since the rollout was completed this we have in place, it can’t happen. It
power noticed a drastic drop in malware past August, the performance of comput- takes the human error away.”
across its network. ers has noticeably improved and users Whitelisting has always been a great
“Our infections and malware went have been more productive because idea and an effective technology, one of
down significantly,” says Lance Fahey, they are not downloading and installing the key pieces for creating a reliable and
a technical security specialist for the malware, Fahey says. As a side secure model, says Byron Hynes, an inde-
company. “There was a clear difference benefit, the IT depart- pendent technology strategist. “The
between pre- and post-installation.” ment has received holdup is it’s been hard to do.”
While whitelisting technology has a measurable Retail organizations have been
been around for some 10 years, it hasn’t decrease in calls to early adopters of whitelisting
garnered a mainstream following, as has the help desk. technology, implement-
its counterpart, traditional anti-virus “It really ing it on PCs running
(AV) software. Both offerings are intend- controls the point-of-sale (PoS)
ed to prevent malware, but whitelisting is social engineer-
the yin to the yang of anti-virus. Instead ing aspect where
of allowing any program to run, except individu-
for a blacklist of known malware like tra- als are
ditional signature-based anti-virus scan-
ners, the concept behind whitelisting is
to prevent the execution of any software,
except what is on a whitelist, which is
comprised of approved applications that
are known to be legitimate. So, when a
user is surfing the web and stumbles
on a malicious website that attempts
to silently install a virus on the system,
the malware will not execute because
it is not on the whitelist.
The IT department at Manpower
initially turned to whitelisting so its
primary business application, a staff-
ing tool, could function better, Fahey
says. The company chose an offering
from Bit9 and rolled it out to employee
endpoints across its 800 offices in
North America. The whitelisting solu-
Application whitelisting offerings are appealing to more organizations
due to a rise in malware, reports Angela Moscaritolo.
THE WHITE
40 SC • January 2010 • www.scmagazineus.com
card-processing systems to protect cus- It is clear that AV companies are hav-