Jump to content
Jon

CESG Releases Windows 10 Guidance for Official Clearance Level

Recommended Posts

Jon

I've had an alert setup for the release of this document because I had to follow a lot of CESG guidance on a previous contract and the guidance on Microsoft Accounts / Windows Store on Windows 8.1 and it was quite interesting. Today they have released their Windows 10 guidance and it's worth a read. Quite dry as it's a list of Group Policy settings mainly, but interesting:

https://www.gov.uk/government/publications/end-user-devices-security-guidance-windows-10

Of note:

  • Cortana: Disabled
  • OneDrive (consumer): Disabled
  • Settings sync: Disabled
  • Windows Store: Disabled (but with a note that in Windows 10 you can create a company store and whitelist applications)
  • Microsoft Passport: Disabled
  • Microsoft Account (consumer): Disabled

What is also interesting is that the millions of privacy options and reg hacks that have been going around are not in there, so might have been a storm in a tea cup after all.

There is also some guidance on using cloud services for those secure organisations that need to:

https://www.gov.uk/government/collections/cloud-security-guidance

 

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • antonioj84
      By antonioj84
      Hi all to the forum guru and expert I am trying to  automate this. in the registry  I have the network profile name network 2 and network   I want to  change their  CATEGORY  to Private .  Can someone lead me in the right direction.
      Private is 1 and Public is 0
      #RequireAdmin Global $sHKLMRoot = @OSArch = "x64" ? "HKLM64" : "HKLM" RegWrite($sHKLMRoot &"\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\NewNetworks" ,'/v NetworkList /t REG_MULTI_SZ /d 00000000 /f') see  attached picture below
      Much appreaciate
       

    • PhoenixPRO
      By PhoenixPRO
      When I try to automate this install program I can not get any of the buttons to click with the "ControlClick" function or any mouse movement to move the mouse to the and click it.  My OS is Windows 10 64Bit.  I have tried both 32bit and 64bit installs of Autoit V3 to no avail.
      I could not even get the run command to start the program until I used the variation of the command below in the script.
      With the script below the install program starts but will not click the "Next" button no matter what I do.
      Any help will be greatly appreciated.
      Thanks in advance.
       
      #include <MsgBoxConstants.au3>
      Opt("MouseCoordMode", 0) ;1=absolute, 0=relative to active window, 2=client
      Local $Success
      Run(@ComSpec & " /c " & 'C:\PhoenixPro_Install\RDXUtil\RDX_Tools_setup.exe', "C:\PhoenixPro_Install\RDXUtil", @SW_HIDE )

      WinWait("RDX Tools 1.62 - InstallShield Wizard", "Welcome to the InstallShield Wizard for RDX Tools 1.62")
      WinActivate("RDX Tools 1.62 - InstallShield Wizard", "Welcome to the InstallShield Wizard for RDX Tools 1.62")
      ControlClick ("RDX Tools 1.62 - InstallShield Wizard", "Welcome to the InstallShield Wizard for RDX Tools 1.62", 1639, "left", 1) ;Next Button
    • TheWizEd
      By TheWizEd
      How do I work with 2D arrays.  I've tried this but get errors.
      Local $aTest[4][4] = [[1,2,3,4],[5,6,7,8],[9,10,11,12],[13,14,15,16]]
      ;$aTest[0][] = [10,11,12]  ; Error at []
      Local $sTest = ""
      For $i = 0 To UBound($aTest)-1
        Local $aExtract = _ArrayExtract($aTest,$i,$i)
        $sTest = $sTest & MyTest($aExtract)
      Next
      Func MyTest($aTemp)
        _ArrayDisplay($aTemp)
        ; Error at    v $aTemp
        Return String($aTemp[0]) & " - " & String($aTemp[1]) & " - " & String($aTemp[2]) & @CRLF
      EndFunc
       
       
    • AndyK70
      By AndyK70
      I'm trying to fill a ListView with all normal viewable windows to act with them.
      First I tried with WinList:
      Local $aWinList = WinList("[REGEXPTITLE:(?i)(.+)]") Local $aTmp, $iID ;~ _ArrayDisplay($aWinList) For $i = $aWinList[0][0] To 1 Step -1 ; going backwards not disturbing the index while cycling through and deleting some If StringStripWS( $aWinList[$i][0], 3) == "" Or _ Not BitAND(WinGetState($aWinList[$i][1]), $WIN_STATE_VISIBLE) Or _ BitAND(WinGetState($aWinList[$i][1]), $WIN_STATE_MINIMIZED ) Then _ArrayDelete($aWinList, $i) Else ; Window has a Title and is "visible" $aTmp = WinGetPos($aWinList[$i][1]) If $aTmp[0] < -1000 Or $aTmp[1] < -1000 Then ; Window is minimized or tray icon _ArrayDelete($aWinList, $i) EndIf EndIf Next $aWinList[0][0] = UBound($aWinList)-1 ; getting actual # of windows ; Each row is now [ID]=> [Title], [hWnd] But it keeps getting Windows which are definitely not there at least not visible:

      Those windows "Rechner", "Einstellungen", "Netflix", "Microsoft Store", ... are not there!?! 
      It should list only the first three windows, which are real.
      I even tried it with _WinAPI_ UDF:
      $hWnd = _WinAPI_GetForegroundWindow() ; Add items _GUICtrlListView_BeginUpdate($idListview) If $hWnd <> 0 Then $iI = 0 Do If _WinAPI_IsWindow($hWnd) And _WinAPI_IsWindowVisible Then _GUICtrlListView_AddItem($idListview, WinGetTitle($hWnd)) _GUICtrlListView_AddSubItem($idListview, $iI, $hWnd, 1) $iI += 1 $hWnd = _WinAPI_GetWindow($hWnd, $GW_HWNDNEXT) EndIf Until $hWnd = 0 EndIf But it is the same...
       
      How can i distinguish those invisible windows from normal ones?
      PS: I'm using Windows 10, maybe it is important to know?
    • davidacrozier
      By davidacrozier
      Hello all ~
      I am running an autoit script on Windows 10 inside VMware Workstation 12 Pro version 12.5.2.  Technically I am remoting into ESXi which has a Domain Controller (DC), WebServer, FilServer, Windows 10, etc.  Using the GUI (i.e. running explorer.exe) I am able to open several different folders successfully.  The desktop, documents, USB external all open without issue.  The network share opening gives me issues.  Whenever I attempt to open \\filserver\users\user\sharedfolder I get the documents folder instead.  I understand that the documents folder is the default for explorer.  I have also attempted to use the letter drive mapped to the network share (Z:) and receive the same result.  When I run this script on Windows 10 alone without  the VM or the ESXi I am able to open the network share without problems.  I have tried to use the net use command to designate a letter M: to the network share folder prior to running the script.  This did not work for me.  
      One additional avenue I think might work is to use the systreeview321 and _GUICtrlTreeView_FindItem to step through the tree looking for the network share.  Once found,  double click on it and see if that opens the shared network folder.  I can click inside the VM with my mouse on the network share and it opens just fine.  Not sure if running up against GUI issues, or permission issues, or what?
      Thanks in advance,
      Davida Crozier
      TestNetworkShare.au3
      This script is a subset of a much larger program, but it illustrates what I am dealing with.

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.