Cybercrime was estimated to cost the world 8 trillion USD in 2023. With the threat of malicious software increasing year after year, independent software vendors need to prove to customers their networks are protected from attacks.

Application control overview

Application controls are used to manage and limit the running of apps on devices or systems. It helps stop unapproved or harmful software from being installed, lowering the chance of security breaches and data loss. Application control works in harmony with traditional methods like antivirus solutions-signature-based detection to fight against malware.

For organizations, making sure that only approved users can access sensitive information is essential. However, when a user runs a process, that process has the same level of access to data that the user has. As a result, sensitive information could easily be erased or sent out of the organization if a user intentionally or accidentally runs harmful software. Having strong app control policies in place can help mitigate the potential of a security breach.

Microsoft 365 Certification validates application controls

During Microsoft 365 Certification, auditors will check that application control safeguards are in place by evaluating whether the system effectively controls the installation and running of applications, making sure only authorized software can run on the ecosystem.

ISVs will provide evidence that an approved list of software and applications exists with specific business justifications for each. Window group policies will be reviewed to ensure that only approved software and applications are allowed, as well as ensuring that path control is in place.

Certification also validates that there is a defined approval process for sign-off on application requests, and that app control technology like Windows Defender Application Control and AppLocker are in use.

Next steps

To learn how Microsoft 365 Certification validates app control best practices are in place for your application, visit the Microsoft 365 Certification application control evidence requirements. To start certification, go to the Microsoft Partner Center dashboard, select an app from Marketplace offers overview, and select App Compliance.