Increasing Windows security by hardening PC configurations
European Organization for Nuclear Research (CERN),
2 Universidad de Oviedo, Oviedo, Asturias, Spain
* Corresponding author: firstname.lastname@example.org
Published online: 17 September 2019
Over 8000 Windows PCs are actively used on the CERN site for tasks ranging from controlling the accelerator facilities to processing invoices. PCs are managed through CERN's Computer Management Framework and Group Policies, with configurations deployed based on machine sets and a lot of autonomy left to the end-users. While the generic central configuration works well for the majority of the users, a specific hardened PC configuration is now provided for users who require stronger resilience against external attacks. This paper describes the technical choices and configurations involved and discusses the effectiveness of the hardened PC approach.
© The Authors, published by EDP Sciences, 2019
This is an Open Access article distributed under the terms of the Creative Commons Attribution License 4.0, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.