Microsoft has issued its security configuration guidance for Windows 10 in an effort to standardise "a more coherent" framework.
Grading the five security level recommendations, Microsoft says that the lower the level number, "the higher the degree of security hardening".
Level 5: Enterprise security
For enterprise devices, recommendations for this security configuration level are "generally straightforward" and designed to be deployable within 30 days.
Level 4: Enterprise high security
For devices where users access sensitive or confidential information.
Recommendations for this level are generally accessible to most organisations and designed to be deployable within 90 days.
Level 3: Enterprise VIP security
For devices run by an organisation with a larger or more sophisticated security team, or for specific users or groups who are at uniquely high risk.
A firm likely to be targeted by well-funded and sophisticated hackers should choose this configuration. Recommendations for this security configuration level can be complex, and can often go beyond 90 days.
Level 2: DevOps workstations
For developers and testers who are an attractive target both for supply chain attacks and credential theft attacks that attempt to gain access to servers and systems containing high-value data.
Microsoft says that it is still developing this guidance, and will make another announcement as soon as it is ready.
Level 1: Administrator workstation
For administrators (particularly of identity or security systems) who face the highest risk, through data theft, data alteration, or service disruption.
The guidance for this configuration is also still being developed.
Microsoft principal programme manager Chris Jackson explained why the vendor is detailing five distinct recommendations.
"In the past, we left defining the security configuration for Windows 10 as a task for every customer to sort out," he said.
"As a result, we saw as many different configurations as we saw customers."
He added that the vendor recognises that customers have vastly different levels of experience.
"We sat down and asked ourselves this question: if we didn't know anything at all about your environment, what security policies and security controls would we suggest you implement first?"
Some say performance, others say money but it may be systems and processes that carry the day
Q1 paints mixed picture for Sweden-based storage integrator
Carmen Sorice III has issued a rebuttal to Veeam's recent claims the legacy player is slow to innovate
How well do vendors and partners really know each other? Take part in our survey and win a free Amazon voucher
We're asking vendors and channel partners alike to complete our five-minute survey to win a free Amazon gift voucher