Citadel / Controls / ForbiddenApplications

ForbiddenApplications Control

What does this control check?

The ForbiddenApplications control checks that you don't have any applications installed that violate your organization's security or compliance policies. The specific list of forbidden applications is configured by your IT team based on security requirements and business needs.

Important: Citadel will tell you which specific application(s) need to be removed. Applications may be forbidden for various reasons: they might pose security risks, violate licensing agreements, conflict with company policies, leak sensitive data to unauthorized services, or simply be unauthorized shadow IT tools. Your IT team has determined that these specific applications should not be used on company devices.

Why is this important?

🚨

Security Risks

Forbidden applications may contain malware, vulnerabilities, or features that expose your device and company data to security threats that your IT team has identified.

📤

Data Leakage

Some applications may upload your files or data to external services without proper encryption or authorization, potentially exposing confidential business information.

⚖️

Compliance

Using unauthorized or unlicensed software can violate regulatory requirements, licensing agreements, and company policies, creating legal and financial risks for your organization.

How to fix this

Uninstalling Applications on Windows

  1. Click the Start button and select Settings
  2. Click Apps
  3. Click Installed apps (or Apps & features on older versions)
  4. Scroll through the list to find the forbidden application
  5. Click the three dots (⋯) next to the application name
  6. Select Uninstall
  7. Click Uninstall again to confirm
  8. Follow any additional prompts to complete the uninstallation
  9. Restart your computer if prompted
Alternative method: Search for "Add or remove programs" in the Start menu to access the same settings.
⚠️ Important notes:
  • Check with IT support if you need a replacement application for your work
  • Some applications may require administrator privileges to uninstall
  • If you can't find the application in the list, contact IT support for assistance
  • Don't just delete the application folder - use the proper uninstall process

Uninstalling Applications on macOS

  1. Open Finder
  2. Click Applications in the sidebar
  3. Find the forbidden application in the list
  4. Drag the application to the Trash
  5. OR right-click the application and select Move to Trash
  6. Enter your password if prompted
  7. Empty the Trash: FinderEmpty Trash
  8. Click Empty Trash to confirm
For stubborn applications: Some apps include their own uninstaller. Check if the application folder contains an "Uninstall" app, or look in Applications → Utilities.
⚠️ Important notes:
  • Check with IT support if you need a replacement application for your work
  • Some applications may require administrator privileges to uninstall
  • If you can't find the application in Applications folder, contact IT support
  • Some apps leave behind preference files - this is normal and not a security concern

Verifying the fix

After uninstalling the forbidden application, Citadel will automatically verify this control during its next check.

To verify the application is removed:

  1. Open SettingsAppsInstalled apps
  2. Search for the application name in the search box
  3. The application should no longer appear in the list
  4. Restart your computer to ensure all components are removed

To verify the application is removed:

  1. Open Finder and click Applications
  2. Use the search box (top-right) to search for the application name
  3. The application should no longer appear
  4. Check the Trash is empty
  5. Restart your Mac to ensure all components are removed