Month: December 2023

Preventing users from shutting down specific devices

by

This week is a short post about the ability to prevent users from shutting down, or restarting, specific devices. That is something already often used for specific servers, like domain controllers, to prevent users from shutting them down. There are, however, also good reasons why that might also be very useful and beneficial on specific devices. Think about devices that host critical business processes that can only be turned off, or restarted, during specific windows. For those devices the user right to shutdown that device, should only be provided to a few trusted users, or administrators. So, not just removing the shutdown, or restart, button, but actually removing the user right to perform a shutdown. Luckily, nowadays there is an easy method for configuring the …

Read more

Discouraging data leakage on Windows 365

by

This week is all about a few newly introduced features to discourage data leakage specifically for Windows 365. Within the Microsoft 365 solution there are many different options for protecting data. On the data itself as well as platform specific options. Windows 365 is the latest platform that can be added to that list with platform specific solutions. Windows 365 recently introduced screen capture protection that can be used to discourage leaking data by preventing it from being captured. Besides that, it also introduced watermarking that can be used to discourage leaking data by adding a watermark to the desktop that can be traced to the session or desktop of the user. Different solutions, for different scenarios. This post will start by briefly introducing both …

Read more

Managing security policies for Dev Drive

by

This week is all about another new Windows 11 features and that feature is Dev Drive. Dev Drive is a new form of a storage volume that is aimed at improving performance for key developer workloads. It enables users to create a separate volume on their device that will improve the performance for disk-bound operations such as cloning, building, copying files, and package restore. To gain that performance, Dev Drive builds on ReFS technology. That technology provides file system optimizations and more control over storage volume settings and security. That includes trust designation, antivirus configuration, and administrative control over what filters are attached. All of that, could also be a reason to make sure that some security-minded Dev Drive configurations are in place. To make sure …

Read more