GSS advises manufacturers to look at whitelisting security

That’s the advice from Global Secure Systems (GSS), the specialist IT security reseller and systems integrator. “Whitelisting was a security safeguard used mainly back in the 1980s when IT security software was in its infancy,” explains David Hobson, GSS’ managing director. “But the concept fell from favour because of slower processor speeds then and the need to keep the database in memory at all times.” However, according to Hobson, today’s computers now have processor speeds and memory capability, so the time is now right to revisit the concept. “Almost all anti-virus and anti-spyware technologies are effectively blacklisting solutions in that they block malware and other security problems based on their digital signature,” he says. “The tsunami of malware and new generations of IT security threats makes this approach more than a little out-moded. [So] we are advocating a return to whitelisting technology. “Basically, if an application or executable isn’t included in the whitelist, it isn’t allowed to run. We believe that this approach is very appropriate to the new generation of IT security threats, since it effectively locks down unauthorised activity before the program code can even begin to operate,” says Hobson.