Application Control

Application control is a cybersecurity measure that only allows pre-approved software to run on your computers and servers. It works by maintaining a “whitelist” (allowlist) of trusted applications. If an application or executable isn’t on that approved list, the system will block it from launching. In short, it stops any unknown or unauthorised programs from executing, thereby preventing malware and unwanted software from sneaking in.

Traditional antivirus software uses databases of known threats and heuristic methods to detect malware, then tries to block or remove it. Application control, on the other hand, doesn’t rely on recognising malware at all – it simply blocks everything except what you explicitly allow. This means even a brand-new virus (which an antivirus might not recognise yet) would be stopped, because it isn’t on the trusted list. In practice, application control and antivirus are complementary: antivirus can catch known bad files, while allowlisting covers the gap by stopping unknown files. Together, they provide a stronger defence than either one alone.

Think of application control as an additional layer of defence in your security stack. Firewalls and anti-malware tools are important, but cyber threats are constantly evolving and can sometimes slip past those traditional defences (for example, through a novel ransomware file or a malicious script that isn’t flagged by antivirus). Application control adds a safety net by preventing the execution of anything unapproved, even if it hasn’t been identified as malware yet. This significantly reduces your attack surface. It’s particularly crucial for defending against techniques that other tools might miss, and it’s recommended by the Australian Cyber Security Centre as part of a well-rounded security strategy.

When implemented correctly, application control should not be a hindrance to your business. There is an initial phase where we establish your list of allowed applications – during this time, we work closely with you to ensure all the software your team needs is identified and approved. After that, day-to-day impact is minimal. If someone tries to run a new or unapproved program, it will be blocked until it’s authorised – but we have a quick approval process to handle these cases. In practice, your staff might only notice that unknown apps won’t run (which is exactly the point for security). Legitimate business applications will continue to function normally, and the team at Computer One manages the system to minimise any workflow delays. We aim to enhance security without hurting productivity.

We make the process for new software as smooth as possible. If your team needs to install a new application or an existing application gets an update, there’s a defined procedure: typically, the request comes to our security team (or your IT administrator). We will quickly vet the software or update – essentially checking that it’s safe and legitimate – and then add it to the approved list. Once approved, the software will run normally on all relevant computers. This way, your business can still adopt new tools and keep software up-to-date, with the assurance that every addition has been security-checked.

Yes. Application control (or application allowlisting) is the first recommended item of the Essential Eight – the Australian government’s recommended top eight strategies to mitigate cyber threats. Implementing it demonstrates a high level of maturity in your cyber security posture. Beyond the Essential 8, having a solid allowlisting process can help with various compliance and regulatory frameworks. For example, standards related to information security (like ISO 27001) or industry regulations often expect organisations to control what software is running on their systems. By using our Application Control service, you’re not only protecting your business but also ticking boxes for security audits, insurance requirements, and client security questionnaires that look for proactive measures like allowlisting.

Application control is beneficial for organisations of all sizes. Cyber criminals do not discriminate – small and medium businesses are frequently targeted by ransomware and other attacks. In fact, smaller companies often have more to lose from a single security incident, and may have fewer resources to recover if something goes wrong. Implementing application control greatly reduces the chance of malware ever gaining a foothold, which can be a game-changer for a small business’s security. While enterprise organisations have been using these techniques for years, recent advances (like our lightweight allowlisting technology) make it practical and affordable for smaller businesses as well. No matter your size, if you want a strong defence against cyber threats, application control is a smart layer to add.

Yes, that’s one of the biggest advantages of application control. A “zero-day” attack refers to malicious software exploiting an unknown vulnerability or a brand-new piece of malware that security tools don’t recognise yet. Traditional security might fail to catch it because there are no signatures or prior knowledge of the threat. However, with application control in place, it doesn’t matter how new or stealthy a malware is – if it’s not on the trusted list, it simply won’t run. In other words, even if an attacker develops a completely novel attack, they would still have to somehow get their code approved in your allowlist (which is near impossible if security is managed properly). Application control thereby provides a strong safeguard against the unforeseen and the unknown, complementing your other security measures by covering that zero-day gap.

Computer One provides a fully managed service for application control. Implementation begins with our experts conducting a thorough audit of your existing software – we build an initial allowlist tailored to your business, incorporating all the applications you trust and need. We then deploy the application control agent across your systems and put the policies in place. During an initial learning period, our team fine-tunes the rules (this ensures normal operations aren’t disrupted). Once enforcement is turned on, we don’t disappear – we continuously monitor and maintain the allowlisting for you. That means when you have changes – like new software, updates, or role changes – we update the policies accordingly. We also review logs and alerts to catch any unusual activity and investigate it. In short, we don’t just give you a tool and walk away; we handle the ongoing work to keep application control effective. With Computer One’s team backing you, you can be confident that application control remains an up-to-date and reliable shield for your organisation.