Understanding the security aspects of website whitelisting

Emily Brown

Dec 23, 2021

7 min read

John was an important person. He handled a lot of things that were essential to the working of the company. He was smart and successful. One day, he visited an illegal torrent website from his company laptop to download the latest Spiderman movie. He got the movie but a sneaky ransomware encrypted all his important files.

Does this story sound familiar? While John is hypothetical, his situation is not. There are millions of malicious websites on the internet. It is very easy to introduce malware to websites. The attackers can infect the websites with a JavaScript code that only executes when the user loads the website or clicks on a certain link. When it is this simple, it stands to reason that the attackers are very active in the cyberattacks involving websites. They can steal data, introduce malware to the system and even cause the whole system to collapse. As a person responsible for your company’s data and its protection, what can you do to prevent these attacks? That’s where website whitelisting comes in.

What is website whitelisting?

Website whitelisting is a regulation that system administrators use to block user access to all websites except for the required ones. The admin can create a list of safe and approved websites that the user requires. Once the website whitelisting policy is in effect, the end-user can only access the pre-approved websites.

Hexnode UEM supports web content filtering – website whitelisting and blacklisting – in Android, iOS and macOS devices.

Get started for free.

Website whitelisting in iOS

Whitelisting websites is a simple process if the iOS devices are enrolled in Hexnode. This feature is only available for supervised iOS devices. On configuring the website whitelist policy, private browsing would be disabled for the users. The users would also not be able to clear the browsing history and website data in Safari after the website whitelisting policy is in effect.

Website whitelisting in Android

The Hexnode admin can specify the website URLs to be whitelisted in a policy. You can also choose whether to allow Google Play Store or not. The Android devices should be enrolled in Hexnode. Another point to be noted is that website whitelisting and web content filtering only works on Samsung Knox devices with Customization SDK of 2.6 or higher.

Website whitelisting in macOS

On whitelisting the websites in macOS, the users would not be able to access any other websites from the Safari browser. If you want to restrict the users from accessing the websites in any browser, you should use the app blacklisting/whitelisting feature to restrict all other browsers on the device.

App whitelists and blacklists

We have apps for everything. We use it for sending emails, messaging services, listening to music, watching videos, monitoring your health and literally everything. Downloading and using apps from unknown sources pose a huge security risk to your devices. Create app whitelists or blacklists with Hexnode to prevent the users from installing or using any potentially dangerous apps.

Whitelisting vs Blacklisting

Whitelisting and blacklisting are like two sides of the same coin. While whitelisting involves allowing certain websites and blocking all others, blacklisting follows a slightly different approach. Instead of creating a whitelist, the admins create a blacklist. This list has all the website URLs that are to be blacklisted, I.e., the websites that the user wouldn’t be allowed access to. Simply put, website blacklisting is blocking certain website URLs and allowing access to all others.

Blacklisting the websites could be enough in some cases. However, more often than not, it is not enough. There are new websites popping up by the second and the blacklist would have to be regularly updated. It would be a tedious job for the admin – and not a very productive one. In contrast, whitelisting the websites give the attackers lesser legroom to work with.

Hexnode’s UEM solution allows the admins to configure both blacklisting and whitelisting the websites. Go for the option that suits your use-case best.

Benefits of whitelisting

Whitelisting is a popular security tactic deployed by admins. There are some really good reasons for its popularity.

  1. Secure browsing experience: Just like John, employees are tempted to browse things that do not exactly fall under the work domain. It is hard to keep track of everything that the employees do. It would also not be a healthy work environment if you need to continually monitor everything that your employee does. Whitelisting the websites that you can visit resolves this problem to a great extent. Since the employees are restricted to the pre-approved secure websites, the security risk is highly reduced. All you need to make sure is that there aren’t any unsecure websites in the whitelist!
  2. Reduced data expenses: Who doesn’t love office Wi-Fi? It is fast and it is free. For large enterprises, the data costs would not probably be something to worry about. However, the increased data expenses could be a major setback for small and medium-sized businesses. Whitelisting just the required websites would prevent the users from using it for their own purposes. Now, John definitely wouldn’t download movies or watch football on the company network.

    Data expense management with Hexnode

    Hexnode UEM has a set of policies and regulations designed to reduce the data expenses of the organization.

    Network data usage management for Android

    Hexnode allows admins to monitor and manage how the users use the mobile data and Wi-Fi in the managed Android devices. Set up rigid usage rules and get notified if the usage exceeds the limit. You can also restrict the data usage after a certain limit.

    Expense management for iOS

    For iOS devices, Hexnode lets the admins configure network usage rules for the managed apps. You can restrict cellular data usage and even prevent users from using mobile data while roaming.

  3. Increased productivity: While working, it is perfectly normal to be distracted for a minute or two by those perfectly targeted advertisements or a random Google search that leads to more. However, these minutes turn into hours and before you know it, the whole day has gone by without any work done. Website whitelisting is one of the ways that you can prevent users from wasting their time unintentionally.

Website Kiosk mode

There is something closely related to website whitelisting – Website kiosk mode. In website kiosk mode, Hexnode locks down the iOS or Android device into a set of required websites or web apps. The admin could do it in two ways:

  1. Configure a set of web apps and lock the device into just that set of web apps. The user would not be able to access anything except the pre-configured web apps. The admin will have to configure the web apps in their Hexnode web portal before configuring the kiosk policy.
  2. Limit the user access to just the web browser and whitelist the websites that the user needs. The user can access only the web browser app in the device. Not only that, the user would be limited to the whitelisted websites while browsing the internet.

Featured resource

Hexnode Kiosk Browser

Understand the full capabilities of Hexnode’s Kiosk browser for your organization and implement cutting-edge web browsing features with top-notch security.

Download datasheet

A small step into a secure future

While website whitelisting alone would not ensure a cyber-secure work environment, it is definitely one of the steps that can help. There are also other uses of website whitelisting such as for web-based kiosks. While there are multiple software and tools in the market that would let you do website whitelisting, it is better to go for a UEM solution like Hexnode in the long run. It would help you to manage, monitor and secure all the work devices across different platforms in a highly scalable manner.

Emily Brown

Reading is therapy and writing is healing...sincerely, a cool nerd.

Share your thoughts