It’s no secret that the notorious end-user is potentially the biggest threat to your enterprise. My guess is that on more than one occasion you received a call or email that defensively starts with: “I did not mean to click on that link!”. As you palm-to-forehead and Google whitelisting, you realize you may need to a better approach to protecting your workers.
First, let’s review whitelisting vs blacklisting:
- Whitelisting assumes that everything is bad and only approved executables are authorized. In this case, IT would assume all executables are malicious and will only put them on the list if they prove otherwise. I like to say this is ‘the known.’
- Blacklisting assumes that everything is good and only denied executables are denied. In this case, IT would assume all executables are not malicious and will only add known bad executables to the list. I like to say this is ‘the unknown.’
Seems pretty straightforward, right? In an ideal world, most will deploy a ‘hybrid’ scenario where whitelisting and blacklisting are both used. The reality is, how do you really block ‘the unknown’? The simple answer is, you can’t! According to Deloitte’s “Ransomware: Holding Your Data Hostage”, more than 4,000 attacks occur each day and the target? Your end-users!
Let’s circle back to our worker who unknowingly clicked on a bad link. Many users across your enterprise have been in this situation before. So how can you safely guard your workforce against these threats without completely locking down their environment? The simple answer is context awareness.
What if I could blacklist ‘the known’ based on context to prevent another form of security breaches — prying eyes which could lead to simple social engineering.
In this video, I take you through a simple blacklisting scenario leveraging RES ONE Security.