Skip to content

Preset Security Policies

Preset security policies are great for getting your users protected, but they are not something I generally recommend for a few reasons:

  1. Only one policy of each type applies to a user at a time, so don't fall into the mistake that the Strict Preset Anti-malware policy applies alongside a custom Anti-malware policy.
  2. You can not see what these policies are configured with via the GUI interface. These can be adjusted with PowerShell I believe as well, meaning your preset policy might not line up with how Microsoft had it configured originally.
  3. You can't customize the policy via GUI interface.
  4. While you can configure who is included in these policies, they always have the highest precedence.

Considerations before deployment

While I would not advise using these policies, they are great if you just want to make sure you have Microsoft's recommended settings applied to your user base.

Policy Configuration

To use one of these policies you simply toggle one of the protections on and then hit manage protection settings to choose the scope and configure a few items, and you are good to go.