One of the weakest links in most company’s security process is the timely patching of software on employees’ computers. While the rigor around timely patching is critical, it’s often complicated by a number of things; multiple operating systems, geographically dispersed workforces, and the time and resources needed to manually keep track of each endpoint’s software.
One approach to guarding access from potentially malicious software and patches is blacklisting. Blacklisting is the tactic of identifying entities or applications that are known to put devices at a higher risk of security breach and blocking those applications from being installed or updated. These include obvious things like viruses, spyware and other malware. The strategy is to block any application that is on the blacklist and allow everything else.
As employees increasingly use additional devices like mobile phones and tablets for both work and personal, endpoint protection extends beyond workstations and servers. The benefit of this approach is it’s easy to manage and allows a broad range of other software to be installed depending on each employee’s business need. The drawback to blacklisting is the effort required to maintain an up-to-date list of malware programs. In 2017, there were 959 new specimens of malware identified per hour, or 16 per minute.
Whitelisting is the opposite approach that defaults to denying access to any application, user, IP address, email, service, or program that isn’t on an approved list. Administrators take into consideration each user’s role, business processes, and privileges, build an approved list, and deem everything else to be bad. Whitelisting is considered to be more secure, more accurate, and easier to customize. While whitelisting creates a simple and distinct perimeter that protects a network, it’s a massive undertaking to manage considering many users’ need for specialized software required for their job function.
As a cloud based endpoint protection solution, Automox supports your security procedures by allowing you to enforce required software and removing blacklisted software that is downloaded without your permission or knowledge. Once you have deployed the lightweight agent across your infrastructure, you immediately have full visibility of the hardware and software configuration of every endpoint.
Using the Automox policy engine, you can create both required software policies and blacklist policies. Once created, you can quickly and easily apply specific policies to groups of endpoints, based on department, geography, or any other criteria you set.
And because Automox is cloud based, it’s ‘self healing’ as well. Once a policy is active, each time it runs, it corrects any changes that have been made since the last time it ran. If someone deleted a piece of software from their device, it will be reinstalled. Or if someone downloaded software that is blacklisted, it will be removed.
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-based and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-based patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.