home

Whitelisting

Whitelisting

(also allowlisting)

Whitelisting definition

A security process in which people can only access a network if they’re on a list of trusted users. If someone can’t prove that they’re on the list, they can’t get into the network. Whitelisting is the opposite of blacklisting (or blocklisting) — it allows approved applications, websites, or IP addresses to operate on a system or network. It is a more trust-centric and secure approach than blacklisting. Whitelisting is like creating a VIP list. Anyone not on the list is not allowed entry to your network or device.

Whitelisting vs. blacklisting

Whitelisting is generally considered to be a safer solution than blacklisting. Blacklists work by letting everyone through except those who are on the list. This way, a yet unknown bad actor can get through your defenses. Whitelisting has stricter rules.

When to use whitelisting

• Email whitelisting can stop most phishing emails, malvertising, and scammers from reaching your inbox, thus minimizing the risk of a cyberattack.
• Whitelisting is a great addition to a company’s cybersecurity practice, whether it’s an SMB or a massive corporation. Implementing whitelisting will restrict access to crucial software and hardware to only trusted and vetted individuals. It is especially useful to companies that have a lot of remote employees who connect to their workplace from home.
• Whitelisting can improve performance by not allowing unnecessary users inside a network or a system, making it easier for trusted users to work in it.

Further reading

Whitelisting — what is it and how does it work?

What is endpoint security?