Also known as an allow-list, is a cybersecurity strategy which approves email addresses, IP addresses, domain names or application, denying access to others. Users can only gain access to the whitelisted items.
These are used by IT administrators to help safeguard computers and networks from threats both locally and across the internet.
How does it work?
It is a strict policy set by IT administrators in line with the cybersecurity strategy of an organization. Content on the whitelist does not require permissions when access is attempted. A list is compiled of all sources, applications and destinations that users may need access to in order to fulfil their work requirements. The list is then applied to networks, desktops or servers.
Denied requests may include locations or services that fall within the following criteria:
- are software or malicious code such as ransomware or malware;
- content that is not in compliance with internet usage guidelines; and
- could lead to an accidently data breach
Types of whitelisting
Email whitelistingÂ
Telling your spam filters that the senders on the whitelist are legitimate and emails which they send should be accepted. This helps to avoid having to scroll through spam filters for important information and prevent the likeliness of a successful phishing attack. Only contacts on the whitelist will have their emails accepted, so ensure you add any new contacts to the list.
IP whitelisting
Site administrators can set rules for servers so that only certain IPs can access them.
Application whitelistingÂ
Devices are instructed only to run apps that are on the whitelist and treat others as malicious. You can also block activity within an app, allowing the necessary functions to be used without causing any issues.
Advertising whitelisting
The most common example of this is ad blockers. This involves allowing certain ads to reach users while blocking others.
Why whitelist?
- Recommended for large organizations and SMEs, particularly those with high security standards or whose employees work remotely and wish to gain access to corporate networks through their own devices.
- Protect from malware – stop phishing emails and maladvertising
- Protect personal device from installation of insecure software
- Narrow down IPs and emails that can reach your website or email inbox
Whitelisting best practices
- Document and categories all whitelisted objects and content making it easy to review
- Be specific when creating a whitelist object – who needs access? why do they need access?
- Perform reviews to add or remove apps and services
- Apply effectively by placing users into access groups and applying whitelists based on their job function.