Despite the vast amount of data available, IT teams often resort to simplistic blocklists and allowlists, focusing solely on frequently used applications. This oversight can leave unmanaged applications exposed, as network administrators have limited visibility into their activities.To effectively manage and secure networks, it's imperative to create comprehensive policies that encompass all discovered applications. By maintaining a zero-tolerance approach to unmanaged applications, organizations can achieve complete control over their network environment.
There are two primary strategies for addressing unmanaged applications: allowing or blocking their use. Organizations committed to a Zero Trust approach often opt to block unmanaged applications to maintain strict network control. While this enhances security, it can significantly disrupt IT operations. IT administrators may be overwhelmed with access requests whenever an inadvertently restrictive allowlist policy is implemented. Furthermore, all newly installed applications will be blocked by default, falling under the category of unmanaged software. Finding the optimal balance between security and productivity is crucial when managing unmanaged applications.
Endpoint Central's Application Control offers flexibility modes like Audit Mode and Strict Mode, allowing administrators to preview the impact of blocking or allowing unmanaged applications. This informed approach helps in making informed decisions before implementing policies. Audit Mode enables the creation of tentative allowlists and associated policies for specific user or system groups. Both allowlisted and unmanaged applications can run simultaneously while events are collected. After analyzing these events, IT administrators can address unmanaged applications by adding them to appropriate allowlists or blocklists based on usage patterns. Once unmanaged applications are resolved and allowlists are defined, policies can be switched to Strict Mode for enhanced security. While a zero-unmanaged-application count is ideal, organizations seeking a more relaxed approach can maintain Audit Mode with ongoing monitoring.
The unmanaged applications of each associated policies can be viewed under Unmanaged Apps in the specific groups under Deploy Policy. Following are the ways to resolve the unmanaged applications:
Note: In strict mode, the unmanaged applications can be requested. Learn more.
If you have any further questions, please refer to our Frequently Asked Questions section for more information.