Your overall Carbon Black App Control operating strategy depends on whether you are only interested in getting visibility into file activity on your network or whether you need to exercise a degree of control over the use of software and devices.
It also could vary according to whether you want all of your computers operating at the same security level or you need to control some more than others. In addition, your strategy might change over time, perhaps due to greater experience with Carbon Black App Control, different threat levels, or the frequency with which your privileged users need to run new software that is not managed by IT.
Different operating strategies will require different amounts of preparation and maintenance. You might want to create a reference system – one computer that has all of the applications you want to approve for all of your users and has no applications you don’t want executed on your users’ computers. You can use this system to create a baseline for analyzing any drift of files on other computers, or over time.
Your Carbon Black Support or Services representative can help you develop an operating strategy appropriate for your environment. In addition, you can log in to the Carbon Black User Exchange to research strategies suggested by Carbon Black or used by your fellow Carbon Black users. Here is small sample of relevant postings on the User Exchange:
- App Control Deployment Strategies for Code and Application Developers
- App Control High Enforcement with a Self-Service Install Folder
- Carbon Black Enterprise Protection: Value on “Day 1” (video)
You can search the User Exchange for other topics of interest, for example by using “strategy” or “enforcement” as keywords.