Application Whitelisting is number one on the Australian Signals Directorate “Essential Eight” for good reason. Consider that everything on a computing platform is essentially an “application” so it makes sense to control which ones are allowed to execute. Explicitly allowed applications permit business as usual, safeguarding against malicious code and misuse of productivity tools whether intentional or accidental. Successful implementation begins with an inventory of all applications which define your “Whitelist” and “Blacklist”. We then define rules for general and specific applications to match roles and requirements. Planning is crucial. Testing is critical. Management support and underpinning policies are obligatory.