Client Login
 Quick Contact
White-Listing And IT Security
Category : Managed Services 10 Dec 2009 12:35 PM
Whether you’re fed up with your employees using Facebook, YouTube or checking personal emails during work time, right through to suspecting an employee of being responsible for importing a virus to your business IT network - moving to a white-listing system for internet access could be just the IT security solution you need.
White-List or Black-List.
There is, of course, nothing new in the idea of using white-lists to determine which internet sites are approved for access. However just in case you don’t already know, rather than simply allowing any websites to be accessed on a computer system you can create a black-list that bars certain websites - or a white-list that contains only the approved websites that can be visited. Whilst just about any IT consultancy in Hong Kong will happily introduce black-list internet security for you - only the more reputable and professional ones, like Dual Layer IT consultancy, will be prepared to spend the time with you to develop an effective and secure white-list. White-Lists are far more effective at ensuring the correct network security systems are in place regarding the internet as, unlike a black-list, only websites in the white-list can be accessed. Whilst a black-list can also prevent websites being accesses by a known url - if the content of that url/website has been copied elsewhere, it could still be accessible.
White-Lists at the PC level.
By knowing only certain ‘approved’ websites are on your white-list you can be confident that no spurious software can be downloaded or installed on to your network. However, white-listing procedures can also be applied by the best IT services providers at workstation level. Despite workstations being protected by system and user profiles errors might have been made, or not checked, if your network security and design hasn’t been reviewed by an expert IT outsourcing company. Adding an extra layer of security at the PC support level will act as another block and deterrent to anyone trying to install unauthorized applications on their own workstation. Of course, just because someone is trying to install an application on their own PC doesn’t necessarily mean that they have evil intent; it could be a perfectly harmless piece of software that they believe will help them with their job - or even help the company. However, on an IT audit basis, you need to know exactly what is on your computer system as any software could unwittingly cause problems with another aspect of your IT operations.
Is white-listing on the increase?
Sadly the ever increasing incidence of computer viruses and other malicious code does mean that white-listing is featuring more and more in systems solutions. Furthermore applying a white-listing network solution can actually reduce the likelihood of employees trying to ‘beat the system and still get to their favorite online chat-room, game etc. If the websites they want to use are on a black-list they’re bound to waste time trying to circumvent it, accessing the websites by ‘back-doors’. By informing them, and explaining to them, that a white-list is in operation they will realize that there’s no point in even trying to access those websites. You can even ask a white-list integration service provider, such as can be offered by Dual Layer, to record attempted breaches of the white-list for staff disciplinary purposes.