Antivirus and application whitelisting are the yin and yang of endpoint security. They work on two complementary security fundamentals that work best when intertwined. Antivirus blocks threats based on a blacklist approach: if an executable is on the list, if is not allowed to run. On the other hand, whitelisting works with a trust-based approach that defines what can be trusted and prevents unwanted / untrusted executables from running on the system. As a result, whitelisting ensures that the unknown executables and targeted attacks to which AV remains blind don’t ever successfully execute on the system.
Even without ever turning on the blocking functionality of whitelisting technology, your organization can leverage the visibility and intelligence of this tool to understand what applications are running on your endpoints, using those auditing capabilities to keep an eye on suspect executables and prevent unsanctioned software from running.
Quick Tip: Don’t Assume Whitelisting Requires One Centralized Whitelist
Today’s intelligent whitelisting solutions no longer require an organization to define all the possible known variants of what your organization will trust on its endpoints. Instead, the next generation of whitelisting offers a decentralized way to trust elements in your environment, taking a snapshot of a baseline system and gradually adjusting the list based on ‘trusted’ / approved vendors and changes.
In this increasingly mobile world, today’s endpoint rarely remains confined in the office and behind the corporate firewall. The modern endpoint is moving. Whether it’s a laptop, tablet or a smaller device, they connect to corporate networks after plugging into hotel computers and coffee shop wireless connections. What’s more, these very mobile devices generally contain more sensitive, corporate data than ever.
Today’s IT department needs to protect these corporate endpoints as much as possible, preventing costly malware outbreaks and data breaches, and keeping the company name out of the headlines. This slideshow features five tips, identified by Lumension Security, Inc., to help even the busiest IT pro stay on top of endpoint security, even as the barrage of attacks intensifies.