I'm toying around with group policy (Self teaching myself) and have stumbled across applocker which i can certainly see the benefits for certain situations however in every company i've worked for users will NEVER use a specific set of programs, there will always property piece of software needed for certain project or certain versions of software which from my research would make using Applocker a pain
My question is that would it be overkill to try and configure applocker to prevent ransomware? I know that the easiest way for randsomware to infect networks is through users opening files from emails that are actually .exe's in disguise so is there a way for applocker to block .exes from running from email only or at minimum require admin credentials to do so?
I know that no network is 100% secure against randsomware etc. but if i can prevent the most used vulnerabilities then that can help