A new policy setting on Windows 8 and Windows Server 2012 is intended to support clients running a version of Windows prior to Windows 8 that are trying to access a file share that requires user claims. This policy setting may be needed where there are local file access policies that include user claims.
A new policy setting on Windows 8 allows you to lock down your workstation after a period of inactivity. Although, you could lock down a user session based on idle time in previous Windows systems, this setting as a policy is only found on Windows 8 and Windows Servers 2012 systems.
The machine account lockout threshold setting is a new security policy found only on Windows 8 and Windows Server 2012 machines. This new security setting determines the number of failed logon attempts by users before locking down the machine. A locked out machine can only be recovered by providing the BitLocker recovery key at the console. A BitLocker recovery key is a special key that you can create when you turn on BitLocker Drive Encryption for the first time on each drive that you encrypt.
A new policy setting on Windows 8 and Windows Server 2012 allows you to disable users from adding new Microsoft accounts on your computer.
The Group Policy ‘Turn on Enhanced Protected Mode’ for Microsoft’s Internet Explorer 10 allows you to enforce additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. In addition, IE 10 on Windows 8 also limits the locations Internet Explorer can read from in the registry and the file system when Enhanced Protected Mode is enabled.
For compliance or security reasons you may wish to remove from the logon screen the name of the last user who successfully logged on to a computer. You can achieve this by applying a Group Policy called Interactive logon: Do not display last user name.
In Windows 7 similar to previous versions of Windows, you can display a message comprising a title and some text for users attempting to log on to their computers. The message will appear before the interactive login screen. This may be used for legal reasons, for example, to warn users about the ramifications of misusing company information or to warn them that their actions may be audited.