Antivirus software is about 40 percent effective, according to ZueS Tracker, a tool that tracks malicious hosts. This statistic is startling, especially for organizations that rely almost solely on antivirus to protect their most sensitive data from malicious attacks.
Truly protect your business with whitelisting. It is, essentially, the inverse of antivirus. Antivirus identifies malicious content and stops it from attacking your environment. Whitelisting, on the other hand, is a process of identifying what should be able to run in your environment and blocking everything else.
There are several types of whitelisting, each focusing on identifying different types of safe content. Email whitelists, for example, identifies email addresses, domains or IP addresses that are safe and always allowed through your email.
For the purposes of best protecting your practice or firm, we’ll focus on two types of whitelisting:
Through this approach, you identify software that is necessary for your organization and safe to run, and block all other software.
Application whitelisting removes the ability for users to download and use software that may be malicious, which puts your data at risk.
Internet whitelisting creates a list of websites that users are permitted to visit, while blocking all others.
Similar benefits apply to internet whitelisting as application whitelisting. Users are not allowed to access websites that may cause harm to your environment or put your data at risk. Plus, your staff cannot waste time on websites that are not deemed necessary to perform their job.
How does it work?
Whitelisting can be configured by your IT department through use of Windows Group Policy or by home users with a whitelisting product like CryptoPrevent (application whitelisting) or OpenDNS (internet whitelisting).
For Apple products like iPhones, iPads and other IOS devices, application whitelisting is automatically enabled.
Different positions within your practice require access to different applications and websites. For example, your marketing team may need access to social media sites like Facebook, Twitter or Pinterest as part of their role within the practice. Your reception staff, on the other hand, likely does not need access to these sites to perform their job duties. Configuring your whitelisting with role-based permissions will allow for protection of your data while still enabling your staff to work effectively and efficiently.
What do you recommend for my practice?
Pairing application and internet whitelisting policies with your current antivirus strategy will provide a greater level of protection for your users and your data.
Talk to your IT department or IT service provider about setting up whitelisting policies in your Windows environment. “Watch mode,” a tool provided by most whitelisting products, provides a baseline of applications and websites that your team uses. Based on that list, you can make decisions on whitelisting policies.
Lastly, implement whitelisting policies on secondary devices that are storing or transmitting patient data. Mobile devices, kiosk workstations, and home computers can carry malicious content into your environment if infected. Make sure you’re covering all the bases by identifying each device that connects to your network.
Protecting your network and client data cannot be left to staff education alone. Even with the best intentions, users will fall victim to the increasingly sophisticated phishing attacks that can wreak havoc in your IT environment.
Policies like internet and application whitelisting help reduce the threat of malware while increasing productivity and effectiveness.