Tracking: Windows Telemetry must not be set to Full

0001b667-c79a-4486-802c-32d860cae99e

Telemetry and Data collection was introduced in Windows 2016 Server, this check is for Windows 10, Server 2016, Server 2019.

Some features may communicate with the vendor, sending system information or downloading data or components for the feature. Limiting this capability will prevent potentially sensitive information from being sent outside the enterprise. The "Security" option for Telemetry configures the lowest amount of data, effectively none outside of the Malicious Software Removal Tool (MSRT), Defender and telemetry client settings. "Basic" sends basic diagnostic and usage data and may be required to support some Microsoft services. "Enhanced" includes additional information on how Windows and apps are used and advanced reliability data. Windows Analytics can use a "limited enhanced" level to provide information such as health data for devices.

Remediation

Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Data Collection and Preview Builds >> "Allow Telemetry" to "Enabled" with "0 - Security [Enterprise Only]" or "1 - Basic" selected in "Options:".

Stig Windows 10: https://www.stigviewer.com/stig/windows_10/2019-01-04/finding/V-63683
Stig Windows 2016 Server: https://www.stigviewer.com/stig/windows_server_2016/2017-11-20/finding/V-73551
Stig Windows 2019 Server: https://www.stigviewer.com/stig/windows_server_2019/2019-12-12/finding/V-93257



security-desktop
stig-medium-desktop
compliance-desktop
security-server
stig-medium-server
compliance-server
bestpractice-desktop
bestpractice-server
privacy-desktop
privacy-server