19.7.7.1 (L1) Ensure 'Configure Windows spotlight on lock screen' is set to Disabled'

Information

This policy setting lets you configure Windows Spotlight on the lock screen.

The recommended state for this setting is: Disabled

Note:

Per Microsoft TechNet

, this policy setting only applies to Windows 10 Enterprise and Windows 10 Education editions.

Enabling this setting will help ensure your data is not shared with any third party. The Windows Spotlight feature collects data and uses that data to display suggested apps as well as images from the internet.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled :

User Configuration\Policies\Administrative Templates\Windows Components\Cloud Content\Configure Windows spotlight on lock screen

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template CloudContent.admx/adml that is included with the Microsoft Windows 10 Release 1607 & Server 2016 Administrative Templates (or newer).

Impact:

Windows Spotlight will be turned off and users will no longer be able to select it as their lock screen.

See Also

https://workbench.cisecurity.org/benchmarks/15105

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, 800-53|CM-7, CSCv7|16.11

Plugin: Windows

Control ID: 404ff8de85bd32806e92f88d271ff85239b40cf8d1e9f6880e77a10244c32f55