September 6, 2016

FAQ’s

  • What systems does Trust Lockdown™ protect?

Trust Lockdown currently protects Windows operating systems including servers, desktops, laptops, and tablets.  See Technical Specifications for a list of operating systems and minimum requirements.

  • Does Trust Lockdown work with Apple devices?

    Trust Lockdown currently does not protect Apple devices, but the Dashboard does work with any device that can access the internet.  So you can monitor and control all your endpoints with any of your Apple devices.  See Technical Specifications for a list of operating systems and minimum requirements.

  • Does TRUST LOCKDOWN protect mobile devices?

    Our cloud based Dashboard is fully functional on all mobile devices that can access the internet. You can monitor and control all your endpoints from your mobile device.  However, our malware protection software does not protect Android or Apple devices yet.

  • Is Whitelisting really the best strategy?

    Yes. The U.S. Computer Emergency Response Team (US-CERT under Department of Homeland Security), the Australian and the Canadian governments all recommend application whitelisting as the best protection for all computer systems, adopting it as the #1 malware mitigation strategy.

  • Is Trust-Listing the same as Whitelisting?

    Trust Lockdown is better than whitelisting.  It was built to address the shortcomings of traditional application whitelisting. We saw customers struggle with installation and management. And they failed to scale their deployments. White Cloud Security’s Trust-ListingTM exceeds application whitelisting protection. 

  • Does Trust Lockdown protect against malware script files?

    Yes.  Most of today’s malware use script files as part of their attack.  You can add Trusted Scripts to your protection, which are validated along with executables.  Your trusted script files are allowed to run, and unknown scripts are blocked.

  • What types of endpoints do you protect?

    White Cloud Security protects all the following types of endpoints running Microsoft Windows platforms listed in our Technical Specification:

    • Desktops and Servers
    • Laptops, Tablets, and Portable Devices
    • Point-of-Sale
    • Industrial Control Systems
    • Virtual Terminals
    • Cloud Servers
    • Embedded Windows
    • Automatic Teller Machines (ATMs)
    • Kiosks
    • Casino Gaming Machines

     

  • What types of malware attacks do you protect against?

    White Cloud Security blocks untrusted executables and untrusted scripts. This includes:

    • Ransomware, executable or script based; e.g. CryptoLocker, CryptWall
    • Wiper Virus type attacks
    • Stuxnet type attacks against Industrial Control Systems
    • Watering Hole type attacks where hackers infect trusted websites
    • Droppers from Websites
    • Phishing and Spear Phishing Attack type infections
    • Keyloggers and similar information stealing trojans
    • Executable and Script based Internet Worm type attacks

     

  • What’s in my Trust-List?

    Your Trust-List can include multiple cyber-metric fingerprints, code-signing certificates, or a combination of both. In addition, you can add complete Trust-Lists from other profiles that are visible from your account.  We also offer our stock Trust-Lists to get you started.

  • What happens if a user adds an untrustworthy app to the list?

    Everything on the Trust-List is allowed to run.  If you find an app that is untrustworthy, you simply distrust that app with a single click.

  • How do endpoints maintain protection when not connected to the network or the Internet?

    We have a Persistent Cache feature that protects you in the event you lose connection with the network.  Your Persistent Cache then validates your applications to run when you are offline.

  • What does the end-user see when an app is blocked from running?

    Blocked items are visible to the end-user via local pop-up at the endpoint.  The Administrator can control the visibility of the pop-up from the dashboard for the entire group, or individual endpoints.

    Blocked items are also logged at the dashboard, and an email is sent in real-time to the designated email for that group.

  • What makes Trust Lockdown better than competing application whitelisting and other cybersecurity technologies?

    Other application whitelisting products use push models that are inefficient, not scaleable, and hard to manage. Our patent pending technology eliminates the need to push whitelists to endpoints and significantly reduces network and management overhead.

    Our Trust Lockdown technology has unique advantages that application whitelisting products don’t have:

    • Multiple fingerprint technology that prevents possible hashtag collision attacks
    • Instant protection without scanning the endpoint
    • App usage intelligence through our event logging of all run, blocked, and monitored items
    • Validation of apps independent of user privileges, host name, source, and path
    • Available 2-Man Rule strategy for increased security in change management
    • Reduced CPU usage because of the elimination of push requirements
    • We make application control simple to install and easy manage; eliminating the barriers of adoption

     

  • What makes Trust Lockdown better than other technologies in the industry?

    Other technologies such as blacklisting, behavior analysis, periodic scanning, and sandboxing are all still fundamentally ‘default allow’ technologies.  They can only stop what they know of, based on signature, behavior, whatever.  They require prior knowledge of malware techniques to stop the attack. So none of them can realistically claim to stop all of tomorrow’s Zero-Day exploits.

    Trust Lockdown works using a simple and proven approach: We validate your executables and scripts by unique cyber-metric attributes or code-signing certificates.

    • Only trusted apps are allowed to run
    • Untrusted apps are ALWAYS blocked