Forum Discussion

StuartK73's avatar
StuartK73
Iron Contributor
Jul 15, 2019

Windows 10 Best Practices

Hi All

 

Is there such a thing as a Windows 10 Best Practices doc / guidance or this is just driven by client requirements?

 

Setting up a Windows 10 PoC and just wondered if there was a BP on Device Restrictions  / Endpoint Protection etc.

 

Info appreciated

  • StuartK73 

    Not sure if there exists a comprehensive "policy" but for a start you should adopt security baseline. For other things to consider: 
    1) Monitoring - consider implementing Windows Analytics https://docs.microsoft.com/en-us/windows/deployment/update/windows-analytics-overview
    2) Data security - protect sensitive data with backups - OneDrive Enterprise State Roaming with KFM is a good starting point

    For Intune specific - I'm not a fan of using Device restriction policies as they tend to affect UX a lot - do that only when you have to cut the access. 

    Intune also doesn't yet expose full capability of CSP policies, UI doesn't reflect it. You have a LOT more settings available by configuring CSP policies directly. 

Resources