I would like to be able to review and either approve or deny all user workstation apps. I realize I can blacklist apps, however, this also means that I have to review all apps each time. Therefore, I devised the following structure: I would build three lists (white, gray, and black). The white and black lists would be applications I have either expressly approved or denied. Any other application (or new application) were thereby fall into the gray list. In this way, I only need to review the gray list.
While I am able to build the logic for the smart groups, I am not able to sort based on application, but only by workstation. Therefore, the obvious problem is that nearly every workstation would contain applications meeting criteria for multiple lists.
Is there a better approach? I don't want to be the app police, but am required to prove that I've vetted all user apps. Therefore, any help toward a solution is greatly appreciated. Oh, and I'd also like to avoid a "whitelist only" solution (I don't care if an employee has Angry Birds or something similarly innocuous and I don't want everybody constantly asking why their new app doesn't work).
Thank you.
