From aaa50bcbfc666f4ede7dc2c54af88b9e904dda65 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Wed, 4 May 2016 13:47:50 -0700 Subject: [PATCH] removing telemetry section that was somehow added back --- ...onnect-your-organization-from-microsoft.md | 117 ------------------ 1 file changed, 117 deletions(-) diff --git a/windows/manage/disconnect-your-organization-from-microsoft.md b/windows/manage/disconnect-your-organization-from-microsoft.md index 9325fea667..03d1063632 100644 --- a/windows/manage/disconnect-your-organization-from-microsoft.md +++ b/windows/manage/disconnect-your-organization-from-microsoft.md @@ -1271,120 +1271,3 @@ You can turn off automatic updates by doing one of the following. This is not re - **5**. Turn off automatic updates. To learn more, see [Device update management](http://msdn.microsoft.com/library/windows/hardware/dn957432.aspx) and [Configure Automatic Updates by using Group Policy](http://technet.microsoft.com/library/cc720539.aspx). - -## Manage your telemetry settings - - -You can manage your telemetry settings using the management tools you're already using, such as Group Policy, MDM, or Windows Provisioning. You can also manually change your settings using Registry Editor. Setting your telemetry levels through a management policy overrides any device-level settings. - -You can set your organization's devices to use 1 of 4 telemetry levels: - -- **Security** (only available on Windows 10 Enterprise, Windows 10 Education, and Windows 10 IoT Core (IoT Core) editions) - -- **Basic** - -- **Enhanced** - -- **Full** - -For more info about these telemetry levels, see [Telemetry levels](#bkmk-telemetrylevels). If you choose Express settings during installation, your device is configured for the Full telemetry level. In Windows 10 Enterprise, Windows 10 Education, and Windows 10 IoT Core, unattended installations configure your device for the Enhanced telemetry level. - -**Important**   -These telemetry levels only apply to Windows components and apps that use the Connected User Experience and Telemetry component. Non-Windows components, such as Microsoft Office or other 3rd-party apps, may communicate with their cloud services outside of these telemetry levels. App publishers must let people know about how they use their telemetry, ways to opt in or opt out, and they must separately document their privacy policies. - -  - -### Use Group Policy to set the telemetry level - -Use a Group Policy object to set your organization’s telemetry level. - -1. From the Group Policy Management Console, go to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds**. - -2. Double-click **Allow Telemetry**. - -3. In the **Options** box, select the level that you want to configure, and then click **OK**. - -### Use MDM to set the telemetry level - -Use the [Policy Configuration Service Provider (CSP)](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) to apply the System/AllowTelemetry MDM policy, using one of these telemetry values: - -- **0**. Maps to the **Security** level. - -- **1**. Maps to the **Basic** level. - -- **2**. Maps to the **Enhanced** level. - -- **3**. Maps to the **Full** level. - -### Use Windows Provisioning to set the telemetry level - -Use Windows Provisioning and the Windows Imaging and Configuration Designer (Windows ICD) tool - part of the [Windows Assessment and Deployment Kit (Windows ADK) toolkit](http://go.microsoft.com/fwlink/p/?LinkId=526803) - to create a provisioning package and runtime setting that sets your organization's telemetry level. - -After you create the provisioning package, you can email it to your employees, put it on a network share, or integrate the package directly into a custom image using Windows ICD. - -**To use Windows ICD to integrate your package into a custom image** - -1. Open Windows ICD, and then click **New provisioning package**. - -2. In the **Name** box, type a name for the provisioning package, and then click **Next**. - -3. Click **Common to all Windows editions** > **Next** > **Finish**. - -4. Go to **Runtime settings** > **Policies** > **System** > **AllowTelemetry** to configure the policies. You can set it to one of the following: - - - **Disabled \[Enterprise SKU Only\]**. Maps to the **Security** level. - - - **Basic**. Maps to the **Basic** level. - - - **Full**. Maps to the **Enhanced** level - - - **Diagnostic**. Maps to the **Full** level. - -5. After you've added all of your settings to the provisioning package, click **Export** > **Provisioning package**. - -6. On the **Describe the provisioning package** step, in the **Owner** box, click **IT Admin** > **Next**. - -7. On the **Select security details for the provisioning package** step, if you want to protect the package with a password, select the **Encrypt package** check box. If you'd like to sign the package with a certificate, select the **Sign package** check box and select the certificate to use. Click **Next**. - -8. On the **Select where to save the provisioning package** step, if you want to save it somewhere other than the Windows ICD project folder, choose a new location, and then click **Next**. - -9. On the **Build the provisioning package** step, click **Build**. - -### Use Registry Editor to set the telemetry level - -Use Registry Editor to manually set the registry level on each device in your organization, or write a script to edit the registry. - -If a management policy already exists (from Group Policy, MDM, or Windows Provisioning), it will override this registry setting. - -1. Open Registry Editor, and go to **HKEY\_LOCAL\_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\DataCollection**. - -2. Right-click **DataCollection**, click **New**, and then click **DWORD (32-bit) Value**. - -3. Type **AllowTelemetry**, and then press ENTER. - -4. Double-click **AllowTelemetry** and set the value to one of the following levels, and the click **OK**. - - - **0**. This setting maps to the **Security** level. - - - **1**. This setting maps to the **Basic** level. - - - **2**. This setting maps to the **Enhanced** level - - - **3**. This setting maps to the **Full** level. - -5. Click **File** > **Export**, and then save the file as a .reg file, such as **C:\\AllowTelemetry.reg**. You can run this file from a script on each device in your organization. - -### Additional telemetry controls - -There are a few more settings that you can turn off that may send telemetry information: - -- To turn off Windows Update telemetry, you have two choices. Either turn off Windows Update, or set your devices to be managed by an on premises update server, such as [Windows Server Update Services (WSUS)](http://technet.microsoft.com/library/hh852345.aspx) or [System Center Configuration Manager](http://www.microsoft.com/server-cloud/products/system-center-2012-r2-configuration-manager/). - -- Turn off **Windows Defender Cloud-based Protection** and **Automatic sample submission** in **Settings** > **Update & security** > **Windows Defender**. - -- Manage the Malicious Software Removal Tool in your organization. For more info, see Microsoft KB article [891716](http://support.microsoft.com/kb/891716). - -- Turn off Linguistic Data Collection in **Settings** > **Privacy**. At telemetry levels Enhanced and Full, Microsoft uses Linguistic Data Collection info to improve language model features such as autocomplete, spellcheck, suggestions, input pattern recognition, and dictionary. For more info, see the **Get to know me** setting in the [Speech, inking, & typing](#bkmk-priv-speech) section of this article and the **Send Microsoft info about how I write to help us improve typing and writing in the future** setting in the [General](#bkmk-priv-general) section of this article. - - **Note**   - Microsoft doesn't intentionally gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user's device. If we determine that sensitive information has been inadvertently received, we delete the information. \ No newline at end of file