Block/Whitelist

Overview

Each organization has list of known applications which they do not want installed on its corporate desktops. In some cases, IT may want to permanently prevent users from installing certain applications, while for other applications, blocking the execution of an application may be a temporary measure. In order to stop unwanted software installations, some organizations opt to completely lockdown its desktops. This approach can be unproductive for end users as it doesn't offer any flexibility for supporting non-standard requirements, such as the needs of traveling or remote users.

"White List Only" Model

Some departments and/or jobs, such as customer service areas or bank tellers, only need very limited applications in order to perform their daily job tasks effectively. Viewfinity can be configured to support a "white list only" model so that only approved software can be installed and/or executed. For example, when a teller or customer service representative logs in, his/her desktop is configured to only present and run the applications that are required for them to work. Other standard desktop applications are not available — no games, IM, iTunes, and other prohibited applications are visible.

Is flexible lockdown really possible? Darren Mar-Elia, Microsoft Group Policy MVP, shares his top 10 tips & tricks related to desktop lockdown in this two-page checklist.

Our white listing capabilities provide a single point solution which can be applied to all staff, regardless of worker location, and is in effect regardless of connection status. This model helps IT because it ultimately cuts down on end user support incidents, thereby saving both time and money for enterprises. Review our use case for this feature.

Try it now for 14 days. In four easy steps and in less than ten minutes, the software can be installed and ready for evaluation.

Not sure which product is best for your needs? View our side-by-side comparison of all features.

Automating Compliance Policies

Using Viewfinity, the IT Administrator may establish policies that identify applications (by group if needed) that should be blocked from executing on corporate desktops and laptops. For example, the Brokerage division has a specific policy that prohibits any Instant Messaging software form executing. Viewfinity automatically enforces this policy for members of the Brokerage group, ensuring that these PCs are intact with corporate compliance regulations. Policies can be set for multiple combinations software such as Skype, ICQ, Yahoo Messenger, AOL, etc. Policies can also be flagged to unblock usage of specific applications while the end user is not connected to the corporate network.

Viewfinity group policies are completely automated and will update an individual's policy settings simply by moving an end user's profile from one group to another. An example of this would be if an individual contributor is promoted into a management position. The IT administrator simply moves that user's profile into the management group for that department, and any new applications and/or data that should be visible to him at the management level are automatically made available on his desktop.

Regulation Adherence

For industries that are governed by mandated regulations, such as HIPPA, SOX, FISMA Compliance and others, our product helps IT administrator enforce compliance policies through its flexible, multi-dimensional policy creation capabilities. Our privilege management policies are in effect even when the laptop is not connected to the corporate network ensuring that all compliance rules are strictly enforced at the endpoint level.

Flexible Application Policies for Mobile Workers

Because of our underlying technology, Viewfinity is able to provide far more advanced capabilities than traditional tools. For example, Viewfinity provides flexible control over the "availability" of applications on laptops so that certain applications can only be used when the device is not connected to the corporate network. Through our automated policy management, IT administrators establish rules that correspond to application usage depending on the laptop's connectivity status. For example, IT may decide to block the use of Instant Messengers for connected clients and then automatically disable this policy once the laptop has disconnected from corporate network.

Key Benefits

• Secures desktops & laptops by blocking execution of unapproved software
• Easily implements policies on PCs located outside of your corporate network
• Prevents the use of applications that create security risks
• Reduces the time IT spends maintaining a standard desktop image
• Manages and secures applications from a Central Management Console — no need for individual desk-side visits
• Ensures all mandatory regulations are fully in compliance
• Cloud-computing platform model saves money and time

Key Features

• Allows logical grouping of business applications and sets protection policies based on business unit's common applications, roles, etc.
• Creates work and home profiles containing applications that can be activated / deactivated accordingly
• Provides flexible application lockdown and maintains standard application configurations used to rollback to protected state
• Provides flexible scheduler allowing applications to be block based on timeframe
• Ability to apply "block" policies based end user location (on/off ) corporate network
• Deploys and installs in ten minutes using our cloud-computing platform
• Allows you to build your own pre-established policies distribution platform: configure multiple policies using our easy-to-use wizard interface

Not sure which product is best for your needs? View our side-by-side comparison of all features.

Movies

Viewfinity Block Application video (56 seconds)

Use Cases

White list only

Stolen Laptops

Dual purpose computer

Trial Evaluation

Viewfinity Trial Evaluation

Interactive Screenshot Demo

Interactive Rollover Screenshot

Brochures

Viewfinity Product Overview

Viewfinity Privilege Management