Windows 11 Enterprise provides the tools required to deliver a secure environment to access sensitive and valuable information and systems.
There are many options to consider when creating and securing local user accounts that will gain authorized access to your systems. The most important rule is to never log in to computers with local admin rights enabled, and to instead use run-as to elevate rights with a separate administrative account. Also, never log in to a client computer with domain-privileged accounts, and limit logging on to trusted IT PCs only, such as PAWs. Finally, ensure all administrative account passwords are unique across computers, complex, and changed regularly.
In the next chapter, we will explore remote administration for troubleshooting and remote assistance.