
Whitelisting: A Shift in Approaching Security

Posted by Paul Mah Nov 26, 2008 9:31:57 AM

If you were to go out shopping for a new burglar alarm today, would you purchase one that triggers only when it detects a known burglar or felon in your house? I mean, that would be ridiculous, wouldn't it? It is only logical that a burglar alarm would trigger when it detects anyone other than known persons moving about - and not the other way round. Yet, this is the exact scenario when it comes to security software, or to be exact: antivirus software.

Traditional antivirus software takes up position at key locations in your computer, where it continuously scans for known malware. This is done by comparing the characteristics of all software against a database of known viruses, also known as a definition database. These databases are maintained by antivirus vendors, and customers pay for subscriptions, which fund the vendors' efforts to analyze and identify new viruses. All this information is used to update the definition database - which is in turn pushed back to the customers.

Why am I talking about this today? For one, to bring your attention to whitelisting. Implementation details vary, but in a nutshell, whitelisting works in reverse from antivirus software by creating a list of known "good" files in a computer. Executable files not found within the database are flagged as potential threats or even stopped from executing.
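One way such a check can work, shown as an added example that is not from this post or from any vendor it names: it assumes files are identified by SHA-256 digest, and the function names and sample files are hypothetical and constructed for the demonstration. It audits a directory after the fact; a real product would make the same decision at the moment a file tries to execute.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk=65536):
    """Digest a file in chunks so large binaries do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_allowlist(root):
    """Record the digest of every file currently under root (the known-good baseline)."""
    return {sha256_file(p) for p in Path(root).rglob("*") if p.is_file()}

def audit(root, allowlist, enforce=False):
    """Return (file name, verdict) pairs; content not in the baseline is flagged or blocked."""
    results = []
    for p in sorted(Path(root).rglob("*")):
        if not p.is_file():
            continue
        if sha256_file(p) in allowlist:
            verdict = "allow"
        else:
            verdict = "block" if enforce else "flag"
        results.append((p.name, verdict))
    return results

def demo(enforce=True):
    """Baseline two constructed files, then add one and alter one before auditing."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "editor.exe").write_bytes(b"constructed: approved editor build")
        (root / "backup.exe").write_bytes(b"constructed: approved backup tool")
        allowlist = build_allowlist(root)
        # After the baseline: a never-seen file appears and an approved file is modified.
        (root / "freegame.exe").write_bytes(b"constructed: never-seen download")
        (root / "backup.exe").write_bytes(b"constructed: approved backup tool + patch")
        return audit(root, allowlist, enforce=enforce)

if __name__ == "__main__":
    for name, verdict in demo():
        print(f"{verdict:5} {name}")
```

Because the decision is made on file content rather than file name, the modified `backup.exe` is treated as unknown even though its name was approved, which is also why every legitimate update requires refreshing the baseline.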


Compared with large organizations, the more manageable size of SMBs means they are in a unique position to swiftly and pervasively implement whitelisting. If you would like to check out whitelisting products, a couple of vendors that you might want to start with are CoreTrace and Savant Protection. As usual, this does not in any way constitute a recommendation of any sort.

Some will argue that whitelisting is a cumbersome solution, as users cannot download and install applications with impunity. On this front, consider that it is up to CIOs and managers to decide if users should be allowed to engage in such unsafe practices on corporate assets in the first place. You might also want to take into consideration actions like the recent ban by the U.S. military of USB flash drives as well as storage devices as the organization grapples with the proliferation of malware.

At the end of the day, whitelisting is simply another tool that, if implemented properly, has a much better chance of stopping unknown threats than definition-based antivirus software.
