ISM-0846

All users (with the exception of local administrator accounts and break glass accounts) cannot disable, bypass or be exempted from application control.

Topic
Application control
Applicable to
all

History

Priority
should
Mar 2022
All users (with the exception of local administrator accounts and break glass accounts) cannot disable, bypass or be exempted from application control.
The recommendation to disable the use of local administrator accounts has been removed due to a conflict with the Essential Eight Maturity Model. Furthermore, the recommendation allowing any privileged account to bypass application control has been pared back to local administrator accounts and break glass accounts.
Apr 2020
All users (with the exception of privileged users when performing specific administrative activities) cannot disable, bypass or be exempted from application control.
Security controls 0843, 1490, 0955, 1471, 1392, 1544, 0846 and 0957 were modified to replace ‘application whitelisting’ with ‘application control’.
Mar 2020
All users (with the exception of privileged users when performing specific administrative activities) cannot disable, bypass or be exempted from application whitelisting mechanisms.
2015
Users and system administrators must not be allowed to temporarily or permanently disable, bypass or be exempt from application whitelisting mechanisms.
2010
Agencies should ensure that a system user cannot disable the application whitelisting mechanism.