Educause Security Discussion mailing list archives
Re: What's wrong with application whitelisting?
From: John Ladwig <John.Ladwig () CSU MNSCU EDU>
Date: Mon, 5 Apr 2010 13:40:41 -0500
We're doing an early-stage POC with a whitelisting application. As to why there isn't a lot of uptake so far, I think that all of the "don't let users run as admin" discussion points apply, and there's probably more as well. Also, it's not terribly cheap, and there's a fairly tight competition for the dollars that get multiplied out by largish user populations. Plus, whitelisting may be very nice for institutionally-managed machines, but in HE we have a *lot* of non-institutionally-managed machines, so there may be a lot of folks looking at controls that apply across managed and unmanaged systems. Others? -jml
"Watkins, Lewis" <LWATKINS () UTSYSTEM EDU> 2010-04-05 13:22 >>>
Colleagues, Please help me understand something, that I have been trying to make sense of for awhile and just don't get. What's wrong with "application whitelisting"? As best I can tell, application whitelisting has very low penetration in higher education, and I simply do not understand this. There must be issues and dynamics of which I am unaware to explain this. [ snip ]_____________________________________________
Current thread:
- What's wrong with application whitelisting? Watkins, Lewis (Apr 05)
- <Possible follow-ups>
- Re: What's wrong with application whitelisting? Gibson, Nathan J. (HSC) (Apr 05)
- Re: What's wrong with application whitelisting? John Ladwig (Apr 05)
- Re: What's wrong with application whitelisting? Basgen, Brian (Apr 05)
- Re: What's wrong with application whitelisting? Joel Rosenblatt (Apr 05)
- Re: What's wrong with application whitelisting? Russell Fulton (Apr 05)
- Re: What's wrong with application whitelisting? Eric Case (Apr 05)
- Re: What's wrong with application whitelisting? Brad Judy (Apr 06)
- Re: What's wrong with application whitelisting? Howe, Joe (Apr 06)
- Re: What's wrong with application whitelisting? Calcutt, Andrew (Apr 06)
- Re: What's wrong with application whitelisting? Russell Fulton (Apr 06)
- Re: What's wrong with application whitelisting? Jimi Schwar (Apr 07)
- Re: What's wrong with application whitelisting? Watkins, Lewis (Apr 20)
(Thread continues...)