159 votesPete Westlake supported this idea ·Pete Westlake commented
All UK public sector bodies are instructed to follow NCSC End User Device Guidance (which is essentially just good practice) https://www.ncsc.gov.uk/guidance/eud-security-guidance-windows-10-1709#applicationwhitelistingsection which instructs enterprises not to install applications to locations where users can write files - which includes AppData. Opening up AppData to allow users to run any application is a massive security hole, but whitelisting by application ID is no way to permit it to run as this can change. Please stop ignoring the feedback on user voice and change the way the installer works so that the application is installed to Program Files. AppData should be for just that - data relating to applications.