Guide to Hardening Windows 10

Introduction

Windows 10 is the most widely used desktop operating system in enterprise environment. It features extensive security policies, allowing in-depth configuration of each security subsystem. To ensure secure computing, administrators must take in consideration all the threats the enterprise might face and deploy appropriate policies. This often includes strict firewall and AppLocker rules.With the rapid pace of Windows 10 feature updates, the recommended security policies change very often, and security guides should change accordingly. This paper will provide an in-depth guide to hardening Windows 10, including configuration of BitLocker, AppLocker, and Windows Firewall. For each security policy or recommendation, impact to security and usability is assessed, along with a MITRE ATT&CK technique mitigated by the policy. Some of the security policies mentioned require additional configuration by administrator based on a specific use cases, a set of deployed software and a network environment. Wedo not recommend home users to deploy the policies.

 

Prerequisites

• Computer running Windows 10 Enterprise/Education, version 20H1 / 20H2 (most of these settings will apply to older versions of Windows 10 or lower SKUs, but compatibility is not guaranteed).
• TPM module.

 

User roles

Not all policies are suitable for all types of users. For this reason, we will be analyzing the suitability of each policy for two types of users depending on their role:
Administrator/Developer – Uses an administrator account, launches a lot of software, and connects different accessories and hardware.
Office Worker – Uses a standard account and the set of their software is limited. Office Workers do not change hardware and accessories without the assistance of the IT
department.

Download Guide to Hardening Windows 10 Technical Guide to learn more.

 

Relevant resources:

Related Resources

Guide to Hardening Windows 10 For Administrators, Developers and Office Workers
For Developers and Office Workers Guide to Hardening Windows 10 Technical Guide

Guide to Hardening Windows 10

Introduction Windows 10 is the most widely used desktop operating system in enterprise environment. It features extensive security policies, allowing...

Case Study - SRUM – Another Windows Time Machine
System Resource Usage Monitor (SRUM) Technical Guide Windows Time Machine

SRUM – Another Windows Time Machine

Overview In standard forensics investigations, sooner or later arises the need to find and extract evidence of program execution on...

Windows Memory Forensics Technical Guide Part 3, Investigating Process Objects and Network Activity
Investigating Process Objects and Network Activity Technical Guide Windows Memory Forensics

Windows Memory Forensics Technical Guide Part 3

Investigating Process Objects and Network Activity. Generally speaking, an object is a data structure that represents a system resource, such...