Endpoint Lifecycle & Security Hardening (Windows)

Context

Legacy endpoints are often reused without proper sanitization, creating unnecessary risk. This project simulates a real MSP endpoint lifecycle: decommissioning, sanitization, re-provisioning, and secure handoff to a new user.

Objective

Securely re-provision a legacy Windows workstation for enterprise-style reuse.

Implementation

• Performed secure data sanitization aligned with NIST 800-88 principles.
• Audited and removed unauthorized and legacy software.
• Enforced a zero-trust baseline via local security policies.
• Implemented split-privilege accounts (administrator vs. standard user).
• Enforced credential hygiene through controlled password resets and access review.

Result

A fully hardened Windows 10/11 workstation with reduced attack surface, improved system stability, and clear privilege boundaries. Suitable for real-world enterprise deployment and ongoing MSP support.