Bit9, Inc., the leading provider of application and device control solutions, today announced its newest podcast on whitelisting, an approach used to secure enterprise computing systems by specifying which applications and devices are allowed to operate. A broad whitelisting approach covers the applications the organization uses such that a typical user is not blocked while unauthorized software is always blocked. Thus, it’s not a matter of whether the file or device seems good or bad, but whether an organization decides it’s authorized to run.
In this podcast, Enterprise Systems Journal looks at how the technology works and examines its benefits with Brian Gladstein, Bit9’s Director of Product Marketing.
According to Gladstein, the concept of whitelisting turns blacklisting upside down. For example, typical anti-virus products employ blacklist technologies and compare executable files against a known bad list of bit patterns or behavior signatures. These blacklists are therefore perpetually out of date. Thus systems remain vulnerable to new, unknown, and potentially malicious software. With behavioral-based host intrusion prevention systems, it is often difficult to tell the good from the bad, resulting in false alarms.
Frustrated, some IT staff have tried to remove administrative privileges to avoid problems such as corrupted systems, malicious software, and non-compliance. Unfortunately, removing administrative rights from PCs introduces significant complexity to IT operations. So what can you do to secure your desktops and data?
Whitelisting enables companies to automatically decide which applications and devices are appropriate and approved to operate. All the rest -- unknown and unapproved applications and devices -- are blocked. Unlike blacklisting, third-parties don’t dictate which software or processes are inappropriate. With whitelisting, no third-party policy updates are required. Untrusted software simply can’t install or run, even zero-day or zero-minute software.
Companies are using whitelisting to increase compliance and manageability, while protecting their endpoints from:
• Zero-day threats
• Applications with vulnerabilities
• Non-business and/or non-compliant applications
• Unlicensed applications
• New, unknown applications
• Unapproved applications
• Unapproved or unknown devices.
About Bit9 Parity
Bit9 Parity fundamentally changes the way software is managed. It gives customers the ability to decide which applications and devices are approved and appropriate to operate and allows customers to specify policy for new, unknown software. Using this whitelisting approach, the risks associated with all forms of unwanted software, including the next generation of attacks, are substantially reduced.
Bit9's ultra-flexible application and device control policies ensure the best prevention against malicious software and data leakage. Customers regain control of their desktops and laptops through Bit9's business-friendly approach that allows them to:
• Stop data leakage
• Prevent malware
• Ban unauthorized software
• Achieve PCI compliance
• Halt zero-day attacks.
About Bit9, Inc.
Bit9, Inc., the leading provider of application and device control solutions, centrally controls which applications and devices can and cannot operate. Bit9’s award-winning, patent-pending technology delivers the easiest and most effective way to prevent malware and stop data leakage, enabling IT professionals to realize the highest levels of desktop security, compliance, and manageability. Founded in 2002 by the founders of Okena (acquired by Cisco Systems - NASDAQ: CSCO) and headquartered in Cambridge, Massachusetts, Bit9 is a privately held company.