Should You Use Application Whitelists?

Whitelisting is a way of protecting your computer, or computer network, from unauthorised programs. However, it’s a method that few people use, and some don’t even recognise the term. However, many people use it every day with their email programs. Whitelisting is the opposite of blacklisting. With blacklisting, you make a list of programs or email addresses you want to block. A whitelist, on the other hand, is a list of programs or emails you will allow to run, or move into your inbox. Anything not on the list is denied. Should you implement this on your network?

It Locks Down Your System

Having a whitelist will prevent any unauthorised computer program from running on your system. These programs cannot access any system or network resources, or do anything that changes your computer. That means viruses and other malware programs will be unable to execute, so your network is completely safe. This is one of the very few methods that will absolutely prevent any of these programs from damaging your computer, because they can never run unless someone adds them to the whitelist.

Whitelisting has the advantage over blacklisting, as far as safety goes, because you don’t have to constantly add programs you wish to block. Instead, all programs are blocked by default. This includes malware that you haven’t even heard of because it’s so new. With a blacklist, you can only block what you know about, which means new viruses can often get past your defences.

It Protects Your System Resources

Even if a program isn’t malware, anything that’s running that you don’t need is using up your system resources. By using application whitelisting Windows won’t be wasting any resources on programs you don’t need running. This includes any software that tries to install itself, or that tries to run automatically. If you don’t want it running on your system, it won’t. This includes more than just programs, too. Other file types such as DLLs won’t be able to load into system memory unless they’re on the whitelist.

It’s Easy to Use

Whitelisting a program automatically whitelists all of the libraries and other files that program needs to run, so you only have to list the main software. It takes very little time to do, and once it’s done, you never have to change the settings, unless you need to add or remove a program from the list. In a network, everything can be done by one person in your IT department, so there’s no risk that someone will accidentally change your whitelist settings.

It Reports to You

Most whitelisting applications provide you with a report that lists all of the programs that have tried to access your system resources. This way, you can see exactly what’s trying to run. This can help give you an idea of how many viruses are on your computer and what kind of malware is trying to invade your system. These reports may include information, such as when the program tried to execute and even where the program originated.