How do you know that the software being executed on your network is authorized and acceptable? Many organizations struggle with this concept or ignore it altogether. There are generally four approaches to enabling or preventing software usage: White listing of software - A third party application or very tight operating system configuration settings is used to only enable specific authorized program names. Everything else is denied by default. Black listing of software - A third party application specifically controls what programs cannot be run. Anything not on the list is allowed by default. Ignorance – Some organizations simply do not have the staff, resources, technology or concern to attempt any type of analysis of what software is allowed. Auditing – Using one or more methods, an organization takes no immediate action on software usage, but it does track and analyze what programs are available and in use to help make better policy decisions, to have a more intelligent incident response process and to help IT troubleshoot issues.