Setting up controls on a computer by ‘whitelisting’ those that you approve of can protect you against unauthorised and/or malicious programmes from doing things to your device. The aim of whitelisting is to only allow a select group of programmes and internal functions to ‘execute’, blocking other software from making changes to the system.
The Australian government’s Department of Defence identities application whitelisting as one of its four key mitigations against cyber threats (the others are patching systems, restricting admin privileges and creating a ‘defence-in-depth’ system) and states:
Application whitelisting, if implemented correctly, can be an incredibly effective means of ensuring the security, stability and consistency of a computing environment.
Whitelisting the applications that can run on a computer involves 3 key steps:
- Identifying what should be allowed to run;
- Preventing other programmes from running;
- Preventing computer users from being able to change which files or programmes can be run.
Application whitelisting can be a great way to secure devices, whether it’s to stop young children going online to view unsuitable content or staff installing their own software on work computers.
But the process can also introduce new issues and potentially leave employees unable to complete their work. Thus it’s important to think through clearly what you’re trying to achieve and allow time to educate users on why these controls have been established. Ensure there’s a process to review and update any rules you set up.
How can I implement application whitelisting?
Windows computer users can explore AppLocker which Microsoft introduced in Windows 7 Enterprise and Ultimate Editions. This is a business set-up though and limited to professional editions.
Windows home users can instead explore using the Family Safety feature to restrict what individual users can and can’t do on a shared computer. Setting up ‘child’ accounts allows the administrative user to limit what the the sub-user can and can’t do.
Some mobile operating systems also come with basic application whitelisting controls – for example, Apple’s ‘Restrictions’ and device profiles can be used to prevent elements of the device from working or specific applications from loading or settings being edited.
Restrictions works with up to date versions of Apple’s iOS operating system for iPhone, iPad, and iPod touch. On Android, Restricted Profiles work in a similar way depending on which version of the operating system you have installed.
Explore the user settings and try out the built-in tools. If you need more detailed options for controlling the use of smartphones then you may need to investigate a Mobile Device Management solution.