主权项 |
1. A method of controlling a first computer in a communications network, the first computer having an operating system having a kernel, the operating system being configured to prevent running of software not identified in a list of approved software, the method comprising:
running a monitoring program on the first computer which provides to a second computer data relating to items of software installed on the first computer; running on the second computer a comparison program which compares the identities of the items of software present on the first computer with approved software identified in the list of approved software, and a risk determination program which determines for each item of software present on the first computer and not on the list of approved software whether it poses a high risk or a low risk, wherein the determination is based on a plurality of risk criteria, and automatically adds to the list of approved software the identity of any item of software present on the first computer determined to be of low risk; and supplying the list of approved software to the first computer whereby the operating system of the first computer prevents the running any item of software absent from the list. |