Whitelisting is an important strategy for protecting networks from malicious unauthorized programs. Hoping to make this procedure more standard, NIST has released their “Guide to Application Whitelisting,” citing employees’ use of unauthorized programs as a security weak point.
NIST’s guide outlines the benefits of automated application whitelisting, and includes step-by-step instructions for organizations interested in implementing these application whitelisting practices. However, they emphasize that this is just one tool for improving network security.
To us at MediaPro, good whitelisting practices offer another great control to keep your biggest security risk—your employees—from making a mistake and downloading malware. But remember, the “human” factor is still the single largest cause of data breaches, with industry studies claiming anywhere from 50%-95% of data breaches involve human error (see IBM’s 2014 Cyber Security Intelligence Index, and Verizon’s annual Data Breach Report.) The most secure businesses combine measures like whitelisting with a solid educational program to ensure maximum protection against threats.
For the NIST Guide to Application Whitelisting, you can click here.
For effective security awareness training made with adult learning principles in mind, check out MediaPro’s Adaptive Security Awareness Program.