The application allow list includes not only the applications
you provision and administer for business and infrastructure purposes,
but also other applications that your users may need to use in order
to get their jobs done, and applications you may choose to allow
for personal use. Before you can begin creating your best practice
internet gateway security policy, you must create an inventory of
the applications you want to allow.