Application control coming your way
Application control, and its sidekick device control, are making inroads in the corporate world for protecting managed desktops and servers. The name is pretty descriptive – application control steps in whenever a user launches an executable to issue an "approved" or not "approved" verdict. The technology works alongside traditional anti-virus, personal firewall, and intrusion prevention products for IT to control endpoint activity.
The primary motivation for deploying application control is that applications installed from unofficial sources are more likely to contain malicious code that can disrupt business operations or steal confidential information. Other application control benefits include restricting use of non-business applications (such as media players) to improve network performance or comply with HR guidelines, and managing endpoint configurations to enhance security and reduce help desk calls.
Typically application control relies on some variant of IT established white-list, black-list, and grey-list approaches that are checked when a user launches an application:
A white-list is a list of all the applications that users are explicitly allowed to execute. IT controls this list of permissible applications that have been vetted for security and business justification.
A black-list is a list of all the applications that users are forbidden to run. IT places executables on the black-list when they are associated with malware or unauthorized uses of corporate resources.
A grey-list is everything in between white and black lists. If application control cannot identify the application, then the user may place the app on a grey-list with extra auditing vigilance enabled so IT can make a subsequent thumbs-up/thumbs-down decision.
Implementing application control in an administrative-friendly way is more challenging than my simple description may lead you to believe, as the lists can become quite large for all the various user profiles. Good approaches are mindful of users needing to self-provision applications before IT can centrally approve them, normal IT operations requirements for software upgrades and patches, executable libraries that multiple applications use (and thus probably shouldn't be banned) and comprehensive reporting to appease the compliance auditors.
Application control is an interesting approach for organizations looking for automated tools to help exercise tighter management of endpoints. Companies that specialize in application control include Altiris, AppSense, Bit9, SecureWave, and soon Sophos. They are well worth checking out as good complements to identity-based access control and anti-malware products.
The primary motivation for deploying application control is that applications installed from unofficial sources are more likely to contain malicious code that can disrupt business operations or steal confidential information. Other application control benefits include restricting use of non-business applications (such as media players) to improve network performance or comply with HR guidelines, and managing endpoint configurations to enhance security and reduce help desk calls.
Typically application control relies on some variant of IT established white-list, black-list, and grey-list approaches that are checked when a user launches an application:
A white-list is a list of all the applications that users are explicitly allowed to execute. IT controls this list of permissible applications that have been vetted for security and business justification.
A black-list is a list of all the applications that users are forbidden to run. IT places executables on the black-list when they are associated with malware or unauthorized uses of corporate resources.
A grey-list is everything in between white and black lists. If application control cannot identify the application, then the user may place the app on a grey-list with extra auditing vigilance enabled so IT can make a subsequent thumbs-up/thumbs-down decision.
Implementing application control in an administrative-friendly way is more challenging than my simple description may lead you to believe, as the lists can become quite large for all the various user profiles. Good approaches are mindful of users needing to self-provision applications before IT can centrally approve them, normal IT operations requirements for software upgrades and patches, executable libraries that multiple applications use (and thus probably shouldn't be banned) and comprehensive reporting to appease the compliance auditors.
Application control is an interesting approach for organizations looking for automated tools to help exercise tighter management of endpoints. Companies that specialize in application control include Altiris, AppSense, Bit9, SecureWave, and soon Sophos. They are well worth checking out as good complements to identity-based access control and anti-malware products.
- TOPICS:Security, Social Business
Older Post: Sourcefire: IPO or acquisition bait?
Newer Post: Novell meets Microsoft in the datacenter
Browse Computerworld Blogs
All Bloggers
Free Insider Guide- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
White Papers
- Harness IT -- An Introduction to Business Intelligence Solutions
- Learn the key selection criteria required to provide your organization with the capability to address structured data, unstructured data and mobile demands so...
- Business Intelligence Shows its Smarts
- Today's Business Intelligence (BI) tools provide a new way to think about data with self-service capabilities and user-friendly analytics that can be used...
- Proactive Planning for Big Data
- Big data is less about the terabytes and more about the query tools and business intelligence needed to make sense of massive amounts...
Webcasts
- Becoming An Analytics Driven Organization
- Join us on Tuesday, June 18, 2013, 11:00 AM EDT and learn how your agency can create an analytics culture that will enable...
- 3 Reasons Why Sepaton is the World's Fastest Backup Solution
- Leading analyst, Storage Switzerland learns how Sepaton backs up and deduplicates massive data volumes while maintaining the industry's fastest performance - all in...
- Enterprise File Sharing: All You Need to Know
- Security. Scalability. Control. These are just some of the many benefits of enterprise cloud file-sharing that you'll discover in this KnowledgeVault, packed with...
Sponsored Links
- Powerful and secure remote support with LogMeIn Rescue - Try it free
- Increase your speed and agility with big data analytics from SAP®.
- How big is your 'phishing attack surface'? Find out now. A new free service!
- Intel ProLiant -Double compute density to tackle bigger workloads with HP ProLiant servers. Learn more
- Cervalis-S.S.A.E. 16 data centers keep critical IT applications running.
- Jumpstart business transformation with VCE solutions for SAP
- Check out Gartner Predicts 2013: Application Integration
- Rugged and reliable Panasonic Toughbook® mobile computers.
- New CIO Playbook helps you commit to SLAs with confidence.
- Transform enterprise IT with ServiceNow. See how easy IT can be.
- DEMO Velocity: Create branded interactive live events & training.
- See how Royal Caribbean is unlocking intelligence w/ Windows Embedded.
- BlackBerry for business. Built to keep your business moving.
- IDC Report: Managing the I/O Explosion Without Extra Hardware
- Top Ten Myths About Recovering Deleted Files
- Online Master of Science in Information Systems at Northwestern University
- ITwhitepapers.com - Access thousands of white papers on 300+ technical topics.
- Leverage Your Cisco infrastructure for Superior Application Performance
- Learn about the AMD Virtual Experience
- "The Definitive Guide to Security Management" Chapter 1: Introduction to Security Management
- Base your business decisions on complete, accurate data-with SAP®.
- Finally, a tablet that thinks the way you work. Intel®-based tablets
- Improve your ROI by the power of three with HP Converged Storage.
- Splunk - Machine data goes in, business insight comes out. Learn more.
- Focus on business, not infrastructure with VblockTM Systems from VCE
- Platform without Boundaries - Extend your Datacenter
- What's your Integration Strategy? View Gartner Predicts 2013: Application Integration.
- MIT Sloan: cutting-edge short courses for busy executives
- AirWatch - Leader in the Gartner Magic Quadrant Report for MDM. Download Now
- Connect to the Cloud faster with Comcast Business
- MIT Sloan: cutting-edge short courses for busy executives
- Imagine a future shaped by simplicity. See it at HP Discover 2013. Register Now.
- Join the Peer-Driven Community For All Things Mobility
- openBench Labs: How Diskeeper 12 Keeps the Latest Windows OS Running Like New
- Redefine Mobility Mgmt at Enterprise Mobile Hub
- Download Microsoft's latest Data Protection Management tool
- Not All QSAs Are Created Equal: What You Should Know Before You Buy
- The arrival of Serial Attached SCSI (SAS) marks a new era in storage scalability
- The AMD Virtual Experience Virtual Trade Show
- "The Definitive Guide to Security Management" Chapter 1: Introduction to Security Management
Resource Center
- About Us
- Advertise
- Contacts
- Editorial Calendar
- Subscribe to Computerworld Magazine
- Help Desk
- Newsletters
- Careers at IDG
- Privacy Policy
- Reprints
- Site Map
- Ad Choices
The IDG Network:
Copyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.