What is Whitelisting?
Whitelisting, as the word itself suggests, is just the opposite of blacklisting. While blacklisting is all about having a list of online entities to be blocked/disallowed, whitelisting refers to the listing of entities - email addresses, websites, applications etc - that are allowed or can be used/accessed. This is very important as regards the security of enterprise networks.
Email whitelists are part of spam filters that come with email clients and comprise of email addresses, domains and/or IP addresses from which emails are to be always allowed. An exclusive email whitelist allows only emails from entities on the whitelist to get through while a whitelist that’s not exclusive prevents emails from being deleted or sent to the junk folder by the spam filter. Only the end user sets a spam filter to block or delete emails that don’t come from sources on the whitelist. Email whitelists have to be continuously updated since senders of spam emails keep on creating new email addresses for sending emails.
Commercial whitelisting refers to the system as per which an internet service provider would allow someone sending a commercial email to bypass the spam filters set by its subscribers. This would be done in return for a fee, a pre-paid fee that’s either paid annually or per message. Thus commercial whitelists help companies reliably reach across to potential customers via emails.
Non - Commercial Whitelisting
Non-commercial whitelisting refers to the system of allowing emails from certain sources to pass, but not based on a fee and instead based on a series of tests that the sender must pass. Non-profit organizations and internet service providers, who operate such non-commercial whitelists, would set up certain criteria which the email senders would have to satisfy. This might include conditions like the email server of the sender shouldn’t be an open relay and should have a static IP address etc.
Application Whitelisting refers to the computer administration practice which helps list out the desired applications, which only needs to be allowed. So, an Application Whitelist can also be defined as a list of applications that are granted permission by the administrator or the user. The purpose is to secure systems/networks from harmful applications.
Software Whitelists are nothing but the lists of software programs that are permitted to be used, by either the user or the administrator. This is usually done in companies to block the usage of software that are not from trusted sources and which could cause security issues. The basic intention thus is to ensure and guarantee security for systems and organizational networks.
Network Whitelists refer to the listings set up by network admins with an intention to control who all or what all is allowed in their networks. This is done in addition to ensuring encryption because today encryption alone doesn’t guarantee total security. Thus there arises the need to keep insecure contacts/people, programs, applications away from networks and this is where network whitelists gain relevance.