Most successful attacks on Windows 10 systems can be detected or prevented with on-board operating system tools. To facilitate its configuration, the German Federal Office for Information Security (BSI) has published recommended actions for securing Windows systems in German and English as part of the "Study on system structure, logging, hardening and security features in Windows 10". The focus was on simple implementation and practical application. Therefore, the BSI makes the recommended configuration settings available for download as group policy objects that can be imported directly into Windows.
The publication is part of an analysis in which the BSI is examining security-critical functions of the operating system. The aim is to be able to evaluate security and residual risks for the use of Windows 10, to define framework conditions for a secure use of the operating system and to create recommendations for a hardening and secure use of Windows 10. The recommendations are primarily aimed at federal and state authorities, but also at companies. Technically savvy burghers can also implement the recommendations – depending on the Windows 10 version they use.
The BSI plans to publish further results successively. The analyses include components such as Powershell, Application Compatibility Infrastructure, driver management and PatchGuard. The subject of the investigation is Windows 10 Enterprise LTSC 2019 64 Bit in German language. The studies already completed and conducted on the basis of LTSC version 1607 will be aligned with the current LTSC version and updated to the new operating system version.