Educause Security Discussion mailing list archives
Re: Windows 10 Security Profile
From: "Barton, Robert W." <bartonrt () LEWISU EDU>
Date: Thu, 10 Mar 2016 23:26:50 +0000
Is this across the board for all machines, or just desktops (etc.)? IMO, for a desktop, turning these off is perfectly fine. When you start to talk about a laptops, phones, or Surfaces, you get into a different group, and I would consider different standards. Some additional questions - Have you considered exemptions (and how to...) from this standard? Can you enforce this standard; keep people from enabling various settings? Have you communicated why this is being done? Included "them" in on the process? If left enabled, can you segment the traffic (secure vs. insecure)? Robert W. Barton Director of Information Security Lewis University One University Parkway Romeoville, IL 60446-2200 815-836-5663 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Homer Manila Sent: Thursday, March 10, 2016 5:14 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Windows 10 Security Profile All, We are in the middle of designing a Windows 10 image for the first time and are considering turning the following privacy-related settings/features off: * Wifi Sense * Advertising ID * SmartScreen Filter * Location information (or "Let websites provide locally relevant content") * Speech, Inking and Typing * Send MS info about how I write * Feedback and Diagnostics (or at least set Diagnostic and usage data to Basic) Are other institutions turning off any other privacy settings than these, or think any of these settings are overblown as a privacy issue? We expect Cortana to be a big draw in Windows 10 for our users and are hesitant in turning off any feature that would make it less useful (location settings, or any of the Getting To Know me settings). Additionally, SmartScreen Filter seems it could be a nice security feature to have in the Apps store and Edge. http://lifehacker.com/what-windows-10s-privacy-nightmare-settings-actually-1722267229 http://www.zdnet.com/article/how-to-secure-windows-10-the-paranoids-guide/ Thanks for any feedback! --Homer Manila, CISSP, GCWN Information Security Engineer American University Office of Information Technology 202-885-2209 AU IT will never ask for your password via e-mail. Don't share your password with anyone! This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone at (815)-836-5950 and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.
Current thread:
- Windows 10 Security Profile Homer Manila (Mar 10)
- Re: Windows 10 Security Profile Barton, Robert W. (Mar 10)
- Re: Windows 10 Security Profile Brad Judy (Mar 10)
- Re: Windows 10 Security Profile Eric Lukens (Mar 11)
- Re: Windows 10 Security Profile randy (Mar 11)
- Re: Windows 10 Security Profile Eric Lukens (Mar 11)
- Re: Windows 10 Security Profile Velislav K Pavlov (Mar 11)