Unmanaged Applications

Introduction

Over-reliance on basic allowlists and blocklists can leave an organization vulnerable. Gaining visibility and creating comprehensive policies that encompass all discovered applications, not just frequently used ones, is crucial for creating effective network security policies and achieving a zero-tolerance approach to unmanaged applications.

The Impact of Unmanaged Applications on Productivity and Security

There are two primary strategies for addressing unmanaged applications: allowing or blocking their use. While a Zero Trust approach often favors blocking for strict network control, it can disrupt IT operations and lead to increased administrative overhead with access requests whenever an inadvertently restrictive allowlist policy is implemented. Furthermore, all newly installed applications will be blocked by default, falling under the category of unmanaged software. Balancing security and productivity is key to effective unmanaged application management.

Managing Unmanaged Applications

Endpoint Central's Application Control offers the flexibility modes Audit Mode and Strict Mode to preview the impact of blocking or allowing unmanaged applications. Audit Mode enables testing and monitoring of unmanaged applications. Both allowlisted and unmanaged applications can run simultaneously while events are collected. After analysis, admins can address unmanaged applications by adding them to appropriate allowlists or blocklists based on usage patterns and switch to Strict Mode for enhanced security, once the unmanaged applications are resolved and allowlists are defined. While a zero-unmanaged-application count is ideal, organizations can maintain Audit Mode with ongoing monitoring for a more flexible approach.

The unmanaged applications of each associated policies can be viewed under Unmanaged Apps in the specific groups under Deploy Policy. Following are the ways to resolve the unmanaged applications:

  • Add to Allowlist/Blocklist: The unmanaged applications can be selected and added to be allowlisted/blocklisted.
  • Move to Existing App Group: They can be moved to an existing application group and it will get associated with the specific custom group it has been deployed.

    Unmanaged Application

  • Restore: After moving the unmanaged application to be allowlisted/blocklisted, they can be restored back by this option under Application Groups.

    Restore Unmanaged Application

Note: In strict mode, the unmanaged applications can be requested. Learn more.

If you have any further questions, please refer to our Frequently Asked Questions section for more information.