Enterprises often implement security programs to restrict or limit the permissions and/or access rights of the users of the enterprises' computers and/or networks. For example, conventional security programs can be programmed to prevent a user of the network from installing and/or executing unauthorized software applications unless the user is an administrator of the network having certain permissions granted by the security program.
Some conventional security programs implement “whitelisting” and/or “blacklisting” schemes to determine which software applications can be installed and/or executed by the users governed by the security program. Whitelisting-based security technologies work opposite traditional blacklisting-based technologies like anti-virus. Particularly, blacklisting schemes generate a “blacklist” of software application that cannot be installed and/or executed by a computer that is governed by the blacklisting scheme. In contrast to blacklisting schemes, whitelisting schemes prevent all new software applications from executing on a system unless it has first been added to a whitelist and/or identified as a “trusted” program. Software applications or changes, modifications, or updates thereto that are prohibited by the security program can be referred to as being “out-of-band.”
Conventional computer and/or network security solutions often do not have the flexibility to allow users to install, update, modify, and/or execute out-of-band software on their systems, e.g., for troubleshooting or single-system installs. For example, conventional security solutions attempt to support out-of-band software by either fully allowing a user to perform whatever actions they wish or disabling the product altogether. These conventional approaches to out-of-band software can result in an enterprise being vulnerable to unauthorized access and attacks that can compromise their network and/or data.