Overview
During my time as lead Program Manager on Application Control tooling, I drove holistic product and process improvements such as building cross-team partnerships, leading a major documentation overhaul, and generating insights from co-design sessions with customers to inform feature work.
Timeline
2 years
Role
lead PM & researcher
Team
3 primary engineers
Key Skills
strategy, service design, HCI research
Background
What is application control?
Application control is a security strategy that restricts what applications are allowed to run on a device. Instead of taking a reactive approach in which a device assumes that all files are trustworthy and then tries to block known malicious files with an antivirus solution, application control can be used as a proactive approach in which applications must be designated as trusted in order to run.
Why is it important?
Application control is a crucial part of an enterprise’s holistic security suite, preventing file-based malware and spyware from taking over a system or stealing sensitive credentials. The Australian government’s Cyber Security Center lists application control as one of their “Essential Eight” strategies to mitigate cyber security incidents, calling it “one of the most effective mitigation strategies in ensuring the security of systems.”
Who uses it?
Microsoft Application Control is primarily used by security-conscious enterprise customers. Our users were primarily IT Pros responsible for implementing and managing their organization’s application control systems. In turn, end-users are the employees who actually use company devices which are locked down via application control.
What problems were users facing?
Application control is an inherently challenging space, since
organizations must balance security and productivity: overly lax
systems may still allow malicious applications to run, while overly
restrictive systems may prevent end-users from running applications
they need for their work.
Even though Microsoft Application Control tooling existed, it came
with inadequate support and an array of idiosyncrasies that prevented
many customers from successfully deploying and maintaining it across
their systems.
Our Goal
How might we lower the barrier for enterprises to proactively defend their systems against malware and spyware by using Microsoft Application Control?