The OTP process generates a code specific to a particular endpoint that can only be used once for a predetermined time period. That code effectively operates as a secret key that disappears completely rather than remain in a database, application or other location.
Application allowlisting–formerly application whitelisting–is moving to a dynamic, granular model that sheds the cumbersome, one-size-fits-all approaches of the past. At Airlock Digital, we’re combining application allowlisting with execution control to better protect businesses, and enable administrators to manage risk and trust in fast-changing environments. This is why we’ve branded our cornerstone product Airlock Allowlisting.
What is allowlisting? To put it simply, allowlisting allows only processes, files and applications approved by a business or organisation to run in its environment, with all other processes, files and applications blocked. This reduces the risk of malicious code executing in that environment.
Universities, like many other organizations, stand to benefit significantly from the implementation of allowlisting as part of their cybersecurity strategy. Allowlisting offers several compelling reasons for use cases in university settings. However, implementing allowlisting in university environments comes with certain challenges. In this blog we explore obstacles that universities might encounter as well as solutions to ensure successful implementation of allowlisting.
This blog provides guidance for Airlock Digital customers regarding the AnyDesk security incident. While AnyDesk has stated in their announcement that the software is safe to use, their action of revoking code signing certificates suggests that their existing certificates were likely compromised and should no longer be trusted.
To ensure the continued cybersecurity resilience of organizations across New Zealand, the Computer Emergency Response Team of New Zealand (CERT NZ) recognizes application control (allowlisting) in their Critical Controls framework.
Airlock Digital – Allowlisting Auditor v4. The auditor is a free utility developed designed to comprehensively test application allowlists for weaknesses and misconfigurations, regardless of vendor.
.svg){kind=logo}