Allowlisting
Allowlisting definition
Allowlisting is a security process in which users can only access a network, device, or system if they’re on a pre-approved list. It applies not only to people but also to applications, websites, or IP addresses. Allowlisting is the opposite of blocklisting — it allows approved users to operate on a system or network. It is a more trust-centric and secure approach than blocklisting. Allowlisting is like creating a VIP list. Anyone not on the list is not allowed entry to your network or device.
See also: blocklist, endpoint security
Allowlisting vs. blocklisting
Allowlisting is generally considered to be a safer solution than blocklisting. Blocklists work by letting everyone through except those who are on the list. This way, a yet unknown bad actor can get through your defenses. Allowlisting has stricter rules.
Allowlisting use cases
- Network access control. One of the most popular uses of allowlisting is restricting access to a network. In such case, only pre-approved devices or users can connect. This can prevent unauthorized access to sensitive company information or resources.
- Application control. Allowlisting can restrict the installation and execution of applications on a system. Only pre-approved applications will be allowed to run to prevent malware from infiltrating the system.
- Website filtering. Allowlisting can stop network users from accessing websites that have not been pre-approved. Some companies use it to prevent employees from accessing non-work-related websites. Parents often do it to protect children from inappropriate content.
- Email filtering. Allowlisting can also filter incoming email messages based on their sender to prevent phishing attacks and other email-based scams.
- Device access control. Allowlisting can be used to restrict access to certain devices, such as USB drives or printers. This may also prevent unauthorized access or data theft.