Data Doctors: How application whitelisting keeps a computer secure

Q: I was told that I should use application whitelisting to protect my computer. Do you agree? And if so, how do I do it?

A: Technically speaking, application whitelisting is a very good way to create a more secure environment, because it tells your computer that it can only run specific applications. This can prevent rogue malware that may be able to sneak past traditional security systems, such as signature-based anti-virus programs.

Whitelisting vs. blacklisting

Application whitelisting tells your computer to block anything not on the list, while blacklisting tells your computer to block anything on the list.

Traditional anti-virus uses blacklisting, which requires that newly released malware be identified and added to the list before the program can protect you from it.

The contents of a blacklist can grow daily, making the approach more of a resource hog that can impact performance, and they can never protect you from previously unknown malware attacks.

Whitelists, once set up, are going to be much smaller and somewhat static unless you’re constantly installing new applications.

Is whitelisting for me?

The answer to this question is very different for different users. IT professionals and businesses should absolutely explore whitelisting to protect their networks, while the average home user may not be up to the task.

As a practical matter, getting it properly configured and devising a strategy to properly update the whitelist might be a bit much for non-technical users. You might remember the annoying User Account Control (UAC) in Windows Vista that would routinely pop up a window asking for permission to continue when you tried to use something new.

UAC was a form of whitelisting that blocked the use of anything it didn’t already know to be safe. You’ll notice that Microsoft went a different direction afterward because it was too intrusive to users.

Security and usability have always been on the opposite ends of the spectrum, so finding the right balance for you is the key.

If you’re trying to secure a business workstation or a child’s computer by severely limiting what it can do, application whitelisting might be ideal.

Whitelisting options

If you decide you want to explore whitelisting, you might have the ability built in to your operating system.

Windows 10 Pro and Enterprise editions have extensive tools for creating application whitelists that don’t exist in Windows 10 Home.

Windows 10 Home users can create a very basic form of application whitelisting by only allowing apps downloaded from the Microsoft Store to be installed. To do this, go to Settings, then Apps and change the drop-down box in the Installing Apps section at the top of the Apps & Features menu.

Keep in mind, this means that you won’t be able to install older programs from CDs or DVDs or utilities and programs that you would typically download directly from other software companies.

MacOS users can create a basic form of whitelisting through the Parental Control menu or through Gatekeeper, which is Apple’s primary tool for controlling what apps can be installed.

Third-party options do exist, but they’re mainly developed for business users, as most of the attempts at consumer tools have been ineffective or too complicated.

Ken Colburn is founder and CEO of Data Doctors Computer Services. Ask any tech question on Facebook or Twitter.

Federal News Network Logo
Log in to your WTOP account for notifications and alerts customized for you.

Sign up