Automated whitelisting can be a simpler approach to screening and approving software patches and updates, according to the recently released guide.
The National Institute of Standards and Technology wants to help organizations keep out unwanted software through automatic application whitelisting.
The agency released a guide in October to help organizations understand and implement this technology, which is meant to control what software is allowed on an organization’s network. The technology aims to stop malware, unlicensed software and other unauthorized software.
“Unlike antivirus software, which blocks known bad activity and permits all other actions, application whitelisting technology only permits known good activity and blocks all others,” said Senior Information Technology Policy Adviser Adam Sedgewick in a statement released with the guide.
Compared with the manual version of this technology, automated whitelisting can be a simpler approach to screening and approving software patches and updates, according to the guide.
Although employees may be discouraged from using unauthorized software, oftentimes they are able to download the newest version of an operating system before it is vetted, according to a NIST statement.
The guide’s authors recommended agencies use phased deployment to incorporate this whitelisting technique, which can "minimize unforeseen issues and identify potential pitfalls early in the process."
The document recommended agencies follow a five-step process:
Initiate the solution: Agencies should determine current and future needs for application whitelisting, with a specific focus on performance requirements and functionality.
Design the solution: There are many different forms whitelisting can take.
Implement and test a prototype: Use a lab or test environment to determine the technology’s functionality, management, performance and level of security.
Deploy the solution: Implementing the technology throughout the organization should be gradual.
Manage the solution:The work doesn’t stop after deployment, agencies should continue to monitor the technology throughout its lifecycle.
NEXT STORY: Pentagon releases cyber acquisition guidance