If you really want to protect your Windows 10 PC from malware and unknown executive files, then the best solution is to create an Application Whitelist Policy. In this tutorial, you will check out detailed article on how to do it.
Application whitelisting is one of the best practice which is used by the IT administrators to prevent their systems from running unapproved executable programs or files on their system. Even the home users can also take advantage of the whitelisting feature to ensure the full protection from malware or ransomware.
The whitelisting feature was first introduced in Windows XP and following the tradition this feature is also available in Windows 10, a recently launched operating system by Microsoft.
If you’re the one running Windows 10 on your computer or laptop, then you must check the following options which you must consider employing on your PCs.
Steps to Create Application Whitelist Policy in Windows 10
1. If you’re using Windows 10 Pro or Enterprise editions, then can whitelist applications using Security Policy settings. For that, you need to type secpol.msc in Windows 10 start menu search bar.
Once you find Local Security Policy Editor, click to launch it.
2. Under Security Settings, you need to navigate to Software Restriction Policies and click on it. If you have defined no security policy, you will see the caution sign with a message that “No Software Restriction Policies Defined” that means you need to create a new Software Restriction Policy.
For that, you need to make right click on Software Restriction Policies and from the options click on New Software Restriction Policies to create a new policy.
3. Once done, On the right panel, you will see different object type. You can double click on Enforcement, Designated File Type, and Trusted Publishers to set your whitelisting choices.
With the help of Software Restriction Policies. You can do following things:
- Whitelist Applications or Programs
- Fight Malware
- Regulate which ActiveX controls can be downloaded
- Run only digitally signed scripts
- Enforce that only approved software is installed on system computers
- Lockdown a machine
Once done with all these steps, you need to head over to Security Level folder under Software Restriction Policies.
Under Security Level folder you will see the follow three options:
- Basic User
Our requirement is to whitelist the applications or programs and for that, make double click on the Disallowed option and click Set as default button on the new window.
That’s it. For more information about Windows Software restriction policies visit TechNet
Use Windows AppLocker for Whitelisting Application
Windows AppLocker, allow or block particular users from installing or using a particular program. You can accomplish this result by using whitelisting rules. It provides administrators to have full control which programs and files users can run. These include scripts, executable files, DLLs, Windows Installer files, Packaged app installers, and Packaged App
With the help of Windows AppLocker, you can block Windows Store apps and block legacy. But this feature only exists in Pro and Enterprise edition of Windows 10.
In Local Security Policy, Under Security Settings -> Application Control Policies -> AppLocker
Suppose you want to Create a rule for Packaged app, then Packaged app Rules and make right click on the “Create New Rule” and fill the preferences according to your requirement.
Create Whitelist Application Using Third Party Software
Third Party Software are also available to whitelist the application. Some of the popular names are CryptoPrevent and VoodooShield. If you’re home users, then you must install Enhanced Mitigation Experience Toolkit, it is freeware tool that helps administrators to have full control over third-party plugins or apps.
Why don’t you give a try to this guide and let us know if you have any query related to it by leaving a comment below.