Network Trace
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

22) Does your organisation have procedures in place to control the installation of software on user endpoint systems?

August 30, 2022
IT Operations
Application Whitelisting

Answer yes if your organisation has controls in place to monitor and restrict the installation of software on user endpoint systems, including desktop PCs, laptops & mobile devices. This could be done through the use of application whitelisting, restricting user installation rights, device management software etc. Please describe the nature of the controls in the notes.

Application whitelisting is a control that ensures only approved applications, restricted by code signing, can execute on devices. This effectively limits the programmes that your production systems can run to only the programmes required to perform their business function. The aim of this control is to prevent these systems from being able to run (or execute) malware.

Malware is executable code that is written to deliver a malicious action against a system. By enforcing application whitelisting, your systems should be protected against running many types of executable files, that could be malware, on your systems. This control makes sure you have implemented application whitelisting to protect your users endpoints.

If your systems need to be able to run code that has come from an unknown origin, these applications should be ‘sandboxed’. This runs the code without granting the code access to system resources that could lead to a compromise.

This is a control required to maintain a Cyber Essentials certification.

How to implement the control

Application whitelisting can be enforced on systems through a number of methods, including through features built in to most operating systems or through the use of a third party tool.

Cyber Essentials has some good information on application whitelisting and sandboxing that can be found here.

If you would like to contribute to this article or provide feedback, please email Contributors will be recognised on our contributors page.

Pattern Trapezoid Mesh

Defend against supply chain attacks with Defend-As-One.

No organisation is an island.