Microsoft has released guidance to help users of Cloud PCs, which are enrolled in Windows 365 Business and Windows 365 Enterprise subscription plans, to secure their devices and to provide further details on the device's built-in security capabilities, according to BleepingComputer
Christiaan Brinkhoff, principal program manager for Windows 365, said all Cloud PCs are protected on first operation by Microsoft Defender and are "provisioned using a gallery image that is automatically updated with the latest cumulative updates for Windows 10 through Windows Update for Business."
Microsoft recommended that IT administrators at small businesses using Windows 365 Business use Microsoft Endpoint Manager to recategorize each user as a standard user on their device in keeping with standard security practices. In addition, Microsoft advised endpoint users to limit the number of users allowed to log on to their Cloud PCs using local administrator privileges, activate the Windows 365 security baseline to enable Microsoft Defender Attack surface reduction rules and deploy Azure
AD conditional access for more secure authentication to their Cloud PCs.