For Application Whitelisting, SecureAPlus makes use of Trusted Groups and Users who will have the rights to –
- add new whitelist
- modify the trust level of each program file
- run any installation software that is trusted as an installer
- modify SecureAPlus settings.
By default, Administrators is the default trusted group who are allowed to do anything on Windows. Likewise for SecureAPlus which will work on every Windows machine. For enterprise user with several administrators, you can add specific administrators to the Trusted Users and remove Administrators from the Trusted Groups. This is to only give rights to specific administrators instead of all the administrators.
One user can belong to a certain group or it can belong to multiple groups.
As shown under the Trusted Groups tab, these are the default groups created by Windows.
As shown under the Trusted Users tab, you may specify the Windows users to have rights to modify the whitelist and settings by entering the Windows User Id.
- For Windows to boot up and run all the operating system files, it will log on as the System account in the background. Likewise, for Local Service and Network Service accounts, Windows have to use these accounts to perform some operating system tasks such as Windows Update. Therefore, all these 3 accounts have to be found in the Trusted Users list so as to allow Windows to add new whitelist and perform their tasks as per normal without being blocked by Application Whitelisting.
Note that when non-trusted user account tries to execute a Trusted Installer application, the trust level will be automatically downgraded to Trusted Application during run-time (not permanent).
In addition, for non-trusted users, their SecureAPlus is always in Lockdown mode and they do not have permission to change the application whitelisting modes.
This post is also available in: Japanese