Enterprise use of application control, on at least some PCs, will increase from 30% in 2017 to over 50% by 2022.
It’s no secret that application control is one of the most effective ways to ensure the privacy and security of data. By allowing only preapproved files to run, application control has the power to block the vast majority of malware threats and keep systems secure. Once in place, these solutions provide tight security, smooth operations, and requires very little oversight. Implementation, however, can be challenging as it requires security, operations, and business teams to plan and work together. To facilitate a successful deployment, organizations need to plan carefully, and allocate resources intelligently. Gartner recommends application control projects be organized in three phases–plan, pilot, and enforce–in order to achieve optimal results.
Source: Gartner (August 2017)
Plan It Out
The first phase of implementation is comprised of several parts. First you must get business buy in. Educating your company on the benefits of application control is critical. Often, businesses are stuck in their ways and hesitant to shift to new practices–even when those practices are objectively safer than the ones in place. Next, it’s time to strategize with your operations teams. Application control impacts ops teams heavily, and giving them a clear rundown of what to expect helps ensure alignment and gathers support. Lastly, it’s time to implement management infrastructure. Successful application control needs a “scalable, available back-end infrastructure” in order to have continuous process execution monitoring.
During the second phase, a pilot is deployed among a portion of the company’s systems. This pilot should last long enough to run all applications that exist in the company–even the ones that might be used quarterly or annually. The system will then give an inventory of the applications it is the job of operations and security teams to determine the usefulness of these applications to the company. In this step they will also weed out any unwanted applications running on their systems such as malware, bloatware, adware, etc.
Keeping track of sources of change is also critical. Understanding how changes are made to the system, and where they come from, allows businesses to add trusted sources of change to their policies. This way general updates can be installed without halting operations and causing a headache for security teams.
It’s important to test your sources of change policy for a few weeks to ensure nothing has slipped through the cracks. Once this is done, it’s time to execute a phased rollout, starting with your least critical resources and moving to your most. From here businesses can start to put certain devices in high enforcement. Not every machine can or needs to have this level of security, but monitoring them still provides relevant insights to the company.
The Bottom Line
Application control remains one of the top ways to keep systems safe and secure. These steps serve as a guide to anyone debating making the jump from traditional AV. Although implantation takes a bit of work, the long term benefits exponentially outweigh the effort required.
Want to know more? Check out Gartner’s How to Successfully Deploy Application Control report.