ASD's Blueprint for Secure Cloud

Registry settings

This section describes the design decisions associated with Device Configuration for system(s) built using ASD's Blueprint for Secure Cloud.

Estimated reading time: 1 minute

Registry settings are applied to the Windows registry to modify the underlying operating system. Registry settings are typically changed in a client operating system to configure the system or increase the security of system.

There are several tools available to apply registry settings such as:

  • Group Policy
  • Microsoft Intune
  • Microsoft Endpoint Configuration Manager (MECM)

ASD’s Hardening Microsoft 365, Office 2021, Office 2019 and Office 2016 guidance defines group policy settings along with other recommendations to significantly reduce the attack surface available to malicious attacks.

Cloud native deployments

Hybrid deployments

Security & Governance

  • None identified


  • None identified



Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra