New Zealand CERT’s critical controls for 2018 are continuing the experts trend of preaching patch management and application whitelisting. This morning an article in Security Brief NZ broke down the 2018 critical controls for NZ in detail. Like previous CERT recommendations in the United States, the core of protection comes from upgrading legacy systems/patch management and application whitelisting. In addition, it’s important to enforce better user policies and controls including the principle of least privilege and disabling unused protocols to close security holes in your network and entire environment.
Dynamic Application Whitelisting
Application whitelisting is a security practice that has been around for a very long time but hasn’t been implemented largely because of the demand it places on IT. As Michael Bosnar points out in Security Brief NZ, “You can’t patch everything, so you need to control access to the applications you can’t patch. Application whitelisting can help, but seen as overly complicated to deploy and requiring near-endless management, it can feel restrictive to end users and downright painful to IT.” Dynamic whitelisting offers a different approach that looks for ways to remove the workload that is normally placed on IT while still enjoying the great protection. PC Matic Pro has implemented this approach of dynamic whitelisting for years with great success using our Globally Automated Whitelist. Basing protection on a Globally Automated Whitelist removes the work required of the IT admin as our dedicated malware research team handles unknown applications our customers see and adds good software to our Global Whitelist for all customers.
“Making sure your operating systems and applications are patched is crucial to helping ensure that the organisation’s environment remains secure. Many organisations overlook this, as there is an assumption that Microsoft System Centre Configuration Manager (SCCM) patches all your applications.” While we can set up automatic updating in Windows 10 now very easily, it’s important to keep third party applications up to date as well to close potential security holes. PC Matic Pro automatically patches 30 vulnerable applications from third parties that would typically leave security holes in the network or device. Taking this burden off of IT admins and integrating it into a solution with dynamic whitelisting gives a great foundation for security.
With continued backing from CERT agencies around the world, we’re very confident in the approach that PC Matic Pro is taking for our business customers. Providing a dynamic whitelisting solution that is affordable and easy to use allows even the smallest business without an IT team to implement this highly recommended approach.