Block List, Deny List

Image Source

A Block List or Deny List is a list of entities that are blocked or denied privileges or access. Hosts or applications that have been previously determined to be associated with malicious activity are examples of entities that may be on a block or deny list. This is a basic control mechanism used by IT professionals that deny access to specific email addresses, IP addresses, URLs, usernames, passwords, etc.

What should SMB Owners do with Block or Deny Lists?

Deny or Block lists are quite useful at SMBs. When you have a phishing campaign coming in attacking your users, you can deny that sender by adding them to a block list.

Similarly you can create block lists for websites that you see a lot of unwanted traffic coming and going to them. For example, you might block Facebook during work hours and allow employees to Facebook after hours or not at all. The same goes for other time wasting websites. Block lists can be used for a lot of mandatory controls on your company and its employees.

Related Term: Allow List, Permit List

Source: DHS personnel, NIST SP 800-94

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.