Articles >

Application Control Can Improve Your Security

Sophos

By Tony Ross

People often object to Application Control saying they need only anti-virus. Why does anyone need anti-virus? Obviously, to block viruses, i.e. malware. Where does most malware come from? The Internet. What is the most common way it infects computers, is it by users downloading and executing it? No. Malware infects computers by exploiting vulnerabilities in applications. Therefore every application with a vulnerability becomes a potential vector for malware. Fortunately, as vulnerabilities are discovered, vendors provide patches. Organizations apply those patches to managed and manageable applications. Therein lies the rub. Unmanaged applications are not patched, which means every unmanaged application is a vector for malware to exploit the computer and infiltrate the organization.

If unmanaged applications are a line of exposure to malware, what is a minimum required capability of a security strategy to protect computer systems from it? Controlling and managing what applications and versions of applications can run on a computer.

How do we solve that problem? We solve that problem through Application Control, integrated into our anti-malware engine. Being an integrated element of our scanning engine, Application Control prevents unmanaged or disallowed applications running and reduces the exposure to malware. Therefore Application Control is, first and foremost, a layer of defence against malware and it is an essential layer. As added benefit it also helps companies in the areas of end user productivity and flexibility as well as IT efficiency.