There should be two levels of whitelisting. One should be category whitelist and the other should be security. Today if you whitelist an item, it will bypass security and category settings. If a page our company needs, say espn.com is blocked under games, whitelisting it today will allow anything that may compromise it in the future to get through b/c it is no longer being blocked by security settings. If there were two categories, we could unblock from all categories, but still prevent malicious activity if it becomes compromised in the future. If we are willing to take on that risk, then we could put it on the security whitelist.
Please sign in to leave a comment.