Safetica can prevent users from using certain applications. Discover how to effectively utilize this feature to bolster your company's security.
In this article, you will learn about:
- What are application policies
- How to create a policy to block specific apps
- How to find records of blocked applications
- Recommended application categories to block
- Example: Blocking games for the development team
Introduction: What are application policies
Application policies can be used to restrict users from running specific applications. When an application is blocked, users cannot run it, and they receive a notification when attempting to launch it:
How to create a policy to block specific apps
To set up application-blocking policies in Safetica, follow these steps:
Policies in Safetica are evaluated from the top of the list based on this evaluation system.
- Go to Policies > Applications and click Add policy.
- Enter the name of the policy.
- In the Action section, choose what will happen. The policy may be either blocking or allowing (the allow action is useful for creating exceptions).
- Click Add applications to add the apps you want to control. You can select an application category or individual application(s). You can filter the applications in the list by their name or other columns (e.g. by developer).
- You can also enable Advanced control of individual applications and set up a different action for each application.
- If you enable Advanced control of individual applications, you can change the order of apps in the list. This lets you create more complex scenarios. For instance, you can block launching the Text editor category, but make an exception for one application from the category (e.g. Word):
- Select users or teams to whom the policy will apply. You can either enter their names directly into the search bar or add them via the user tree by clicking the List of users link.
- Switch the Policy status to Enabled.
- Save the policy. It will be added to the top of the policy list.
- Drag-and-drop the policy to its correct position in the list.
How to find records of blocked apps
Records of blocked applications can be found in the Apps section in the Blocked activity tab.
Recommended application categories to block
We generally recommend blocking dangerous application categories like Keylogger and Miners. By blocking Alternative web browsers, you ensure that only browsers supported by Safetica are used. Depending on your company policy, you may consider blocking the Games category.
Creating exceptions for specific users/teams: Should you need to create exceptions for certain users or teams, simply create a policy applied to them and place it above the general company-wide policy.
Example: Blocking games for the Development team
To illustrate, let's create a policy that prevents the development team from playing games.
- Follow the steps outlined above to create a new policy.
- Set Action to Block.
- In the list of application categories, select Games. You could also search for specific games installed in the company in the Applications tab.
- Select the Development team as the affected users.
- Enable the policy, save it, and then drag-and-drop it to its correct position in the policy list.
Example: Blocking IM applications excluding MS Teams
Let's create a policy that will block all IM applications except Microsoft Teams.
- Follow the steps outlined above to create a new policy.
- In the Action section, enable Advanced control of individual applications, so you can set up different actions for different applications.
- Click Add applications. In the Applications tab filter Teams. Select the Teams apps and click Save.
- Click Add applications again, and in the Categories tab select Instant messaging and VOIP software. Click Save.
- Set the Action for Teams to Allow, and for the Instant messaging and VOIP software category to Block.
- Enable the policy, save it, and then drag-and-drop it to its correct position in the policy list.