We will be installing windows 10 fresh from ISO to serve as a virtual workstation for our future projects. I’m aware there are tons of scripts and tools to do the below. This guide is to get pretty good security on your workstation without spending forever writing scripts and searching the internet. We will be using GPOs and tools later to turn off all this BS but for now just do the clicking.
Install Windows
Follow the steps in the image carousel below for the basic setup. The privacy related instructions are in the next step.
Install Windows Continued - uncheck all the things
When you get to this point in the install the guideline is to uncheck anything that corresponds to “tracking”, “doing more” and “digital assistance”. Every one of those marketing words are keywords for sending data to Microsoft.
Uncheck All the Things
After Windows boots, hit Start > Settings > Privacy. The guideline here is similar to the previous step - uncheck anything related to tracking or using hardware on your device. Continue down the list of the left, unchecking stuff.
The only exception here is Background Apps. There isn’t a huge privacy concern here but if desired you could limit background apps to things you actually use,.
Install Updates
After adjusting all the privacy settings, hit Start > Settings > Update & Security > Check for Updates > Reboot when prompted
Check for updates again just to be sure!
Activate Windows
Let’s get rid of that pesky “Acitvate Windows” watermark. Go to Start > Settings > Search for “Activation” and click on Activation Settings. Scroll down to Update product Key and click Change Product Key.
Activate Tamper Protection
In the bottom right-hand corner double click the Windows Defender shield. Turn on Virus and threat protection.
Next you could easily go and install VS code and Windows 10 terminal as seen in the below posts!