When I was first introduced to whitelisting, now over five years ago, I was considering this technology for critical shared systems and looking at ways to manage remote operations. Dynamic whitelisting as a control to deny execution and access to system resources unless there was explicit trust of the applications and executables was a very new concept for the market. It was well received for back-office, datacenter and cloud infrastructure, where discipline and control get rewarded for achieving high availability, decreased risk and accountability of these systems. It is one of the key components in McAfee’s Datacenter Suite for Servers, where it continues to provide these valuable benefits. Back then, there was always pushback on utilizing this technology for desktops, with excuses that it’s hard to support, there are too many desktop images across the organization and the employees have come to expect full control of their work systems. Today whitelisting is ready for Enterprise desktops and companies are now enthusiastic and ready for whitelisting.
What’s changed during this time span can be easily explained as the 3 C’s:
Culture: Today’s workforce has access to smartphones and tablets that they can easily use for their personal computing, searching, or other activities, so they are more accepting of having a business desktop that may disallow non-business-related applications. The other change is that the cloud enables updates, access to personal documents and even personal email utilizing just a web browser.
Compliance: Many of the standards and guidelines have requirements for malware protection that is commensurate with the current threats. For many large Enterprises the goals of 99% compliance on desktops and 0 malware are in direct response to the risks they perceive for their organization, based either on their own experience or on the consequences faced by others in their industry.
Cost Concerns: IT and operations continue to look at cost control, and adopting a Common Operating Environment (COE) for desktops is one way to reduce support costs for large Enterprises. When applicable, application streaming helps to minimize the patching and updating that otherwise would be necessary on every desktop, but not all applications or use cases are viable in this mode. Continuing to streamline and ensure that only authorized applications are on the desktop helps to reduce time to repair and also cost of compliance.
IT administrators with McAfee’s Application Control for Desktop can even automate end-user requests to install additional applications. Upon installation, the end user can be prompted to give the justification for installing a specific application, and a temporary whitelist status can be granted to the executable automatically. IT can audit these requests and later adjust corporate security policy to include or exclude the application on a corporate-wide basis.
With a little introduction I believe that Enterprises can easily leverage desktop whitelisting to their communities. Most large organizations, public or private, have programs where employees benefit when the business does well. Communicating how whitelisting helps reduce the organization’s security costs and how that will improve business risk as outlined by the three C’s may just be the stronger protection that will in turn lead to a stronger business and a competitive advantage.