Recommend and Apply Basic Security Controls Solution

Part 1: Recommendations

Jill & Roy's have many areas to improve their cybersecurity posture. Below are sample answers:

All users should have local or standard user privileges and not be an administrator. The risk is that unauthorized software could be installed. You should remove administrator rights for all users and there should be a separate administrator account for installing new programs on PCs.
You should set a password policy using the Local Security Policy as explained in an earlier lesson. All users should have a password that is at least 8 characters, changed at least every 90 days, and meets the complexity requirements. You can also set the account lockout policies.
Remove any applications that aren't needed for business.
Ensure the Windows operating system and all applications are set to auto-update. See previous lessons for instructions.
Review the use of RDP on the Windows 10 image. That service should be disabled for the business's file/print server. Jill & Roy's should use a secured cloud service for sharing sensitive files.
Create and deliver user security awareness training for all employees. This should include the protection of Personally Identifiable Information (PII) and on the use of personal devices and their safe use for businesses.
Create an announcement upon log-in to remind all employees that these computers are to be for Jlll & Roy's business-use only. This is done in Local Security Policy > Security Options.