Lock down shared PCs with Windows SteadyState

When you’re responsible for the smooth running of computers in a small office, one problem you’ll quickly encounter is that of people making changes that cause problems.

They take off ‘boring’ stuff like anti-virus because ‘it makes the machine slow’. They change the layout of the desktop and confuse other users.

Windows SteadyState lets you prevent unauthorised changes while allowing those that are needed such as security updates. The toolkit is wizard based, easy to use and free to download from

One of the main elements of SteadyState is Windows Disk Protection, WDP. This protects system settings and data on the Windows partition from being permanently changed. You can set WDP to clear all the changes to the Windows partition at regular intervals, such as after a certain amount of time or more usually at restart. WDP works by creating a cache file where all the changes to system and application files are logged. This requires at least 4GB of space on your Windows partition. When the machine is rebooted, WDP deletes the contents of the cache and restores the system to its original state.

You can keep the machine up to date by setting an option to Schedule Software Updates, where you define the updates such as system patches and anti-virus, and when they should be installed.

SteadyState isn’t suitable for all machines, but is ideal if you have situations where a PC is used by a complete novice, or by a number of people and you need to ensure a consistent environment.

locking down a machine with SteadyState
locking down a machine with SteadyState

Share |
Write comment
security image
smaller | bigger



Subscribe and get the magazine in the post before it's online

Subscribe and get access to all of the back issues

To read a sample eMagazine - March 2010



There are plenty of technical discussion sites on the Web, but if you're looking for a community where you have a chance to meet other experts and network in person, check out the list of UK technical user groups at The new Active Directory User Group ( is kicking off with a meeting at Microsoft's London office in October, the Windows Server Team ( is planning meetings in January and Vista Squad
(, the Microsoft Messaging and Mobility Group ( and Windows Management User Group ( are running regular meetings too. read more


Unified communications


The #1 Bestseller for Only 77p