It’s that time of year when we gleefully allow a peculiar man promising presents to bypass our standard security measures and enter our homes. If Santa can get in so easily, how do we know more malicious characters, like the Grinch, aren’t entering to steal the presents we lovingly purchased for our families?
Like Santa, there are many apps and activities we trust and want to allow to enter our computer networks. And like the Grinch posing as Santa, there are dangerous programs and hackers we want to keep out of our computer networks.
Let’s start with keeping the bad guys out. In your home, you might employ several layers of security to protect your property: fences, walls, locked doors, and perhaps even a monitored security alarm system. And if you were worried about a specific intruder like the Grinch, you might pass his picture around the neighborhood, so you get an alert before he even arrives at your house. When it comes to your business network, best practices include layers of security as well: firewalls, antivirus software, email security and automated monitoring keep out malware, exploits, and hackers. If there’s a Grinch virus, blacklisting can specifically bar entry to the virus and known points of attack before it gets inside.
However, our holiday homes would not be very cheerful if we kept everyone out just because we were afraid of the Grinch. We’d like Grandma and our friends to come over to celebrate, and we may even give our relatives and favorite neighbors keys to our house. Your business also needs to allow computer programs entry into your network, just to get work done, makes sales, and communicate with customers. Our same firewalls, email security, antivirus software, and automated monitoring are configured to allow normal activity that isn’t malicious to proceed. Sometimes those security tools get confused about “nice” software that is acting “naughty.” If you have business software named Santa that tries to use an unusual network port (like coming through the chimney when everyone else uses the front door), your cybersecurity tools may need special instructions that identifies that the Santa program is permitted to enter through the chimney, but that no other programs are allowed to do so. In network terms, this is called “whitelisting.” Whitelisting is the opposite of blacklisting, it identifies programs and transactions that we want to allow, even if they look a bit quirky and wear red suits.
I hope you’ve enjoyed learning a bit more about network security, blacklisting and whitelisting with the help of Santa and the Grinch. If you have any questions about cybersecurity, call me. From our family at arielMIS to yours, we wish you Happy Holidays.
arielMIS is a Managed Service Provider (MSP) providing businessCARE™ IT services designed to keep you and your employees productive and safe. Contact Us if you're interested in learning more about our services.