Some automation makes allowlists more manageable

Perhaps it’s no surprise that former Navy pro Jeffrey Wells puts cybersecurity advice in nautical terms: You can’t defend the ocean.

You can control your small part of it, however.

Mechanisms like allowlists, said Wells, permit only a select set of IT-approved applications, not every single boat in the deep blue sea.

“It’s not your only line of defense, but it’s your first line of defense, which makes…a very narrow way for something to get into the organization, and you have at least some control of who gets through that port,” Wells, the retired Navy intelligence officer and current partner at the risk-services company Sigma7, told IT Brew.

Application allowlists, sometimes referred to as whitelists, aren’t as painfully manual as they used to be. Some of today’s control methods automatically build the approved inventory after an audit of everyday practices.

“I wasn’t a fan of whitelists before. But the newer approaches to this, I like, because it takes out a lot of the guesswork,” said Paddy Harrington, senior analyst at the consultancy Forrester