Checklist: Securing Windows 11 systems
Every operating system should be appropriately secured, particularly end user workstations, which often contain or allow access to company data and upon which most employee job duties are based.
To obtain the maximum security protection out of your Windows 11 deployments, follow this checklist from TechRepublic Premium.
GROUP POLICY CHECKLIST
- Follow Microsoft recommendations for audit logging using Active Directory-based group policies.
- Use Group Policy (either local or domain-wide) to enact the following settings: Require complex passwords, set a minimum password length of eight characters, and set a password minimum age of one day and maximum age of 60 days.
- Configure accounts to lock after five failed attempts, and do not set a reset account lockout counter. This means accounts must be manually unlocked.
- Ensure only administrators can access the system over the network.
- Apply Dynamic Lock settings to configure the OS to lock when the user steps away from their computer.