Home Compliance & Certification Autorun Disabled Configuration Guide

Autorun Disabled Configuration Guide

Last updated on Sep 23, 2025

1. Purpose of this Guide

This artefact shows that your company has disabled autorun and auto-launch features on devices. Cyber compliance requires this because malware often relies on auto-execution (e.g. USB autorun, startup scripts) to sneak in. By turning this off, you close a common attack path and prove your devices are hardened.

2. What You Will Submit

You will need:

  • screenshot from your device settings showing autorun or startup programs disabled.

  • This should clearly show:

    • No items set to auto-launch at login/startup, OR

    • A system control panel / configuration window confirming autorun is blocked.

3. How to Collect / Obtain / Generate This Evidence

macOS:

  1. Open System Settings → General → Login Items & Extensions.

  2. Confirm the list is empty (or shows only security-critical apps).

  3. Take a screenshot of the panel.

Windows 10/11:

  1. Press Ctrl + Shift + Esc to open Task Manager.

  2. Go to the Startup tab.

  3. Ensure non-essential apps are disabled (status shows “Disabled”).

  4. Take a screenshot showing the list.

Linux (Ubuntu example):

  1. Open Startup Applications (from Activities search).

  2. Ensure no risky/unnecessary programs are set to auto-start.

  3. Take a screenshot of the empty or minimal list.

MDM / Centralised Management (Intune, Jamf, Workspace ONE):

  • Navigate to device configuration profiles.

  • Show the policy that enforces “disable autorun” or controls startup apps.

  • Capture a screenshot of the applied policy.

4. Evidence Format

  • Accepted file types: PNG, JPG, PDF.

  • Suggested naming format:
    YourCompanyName_AutorunDisabled_YYYY-MM-DD.png

5. What “Good” Looks Like

  • Screenshot clearly shows no unnecessary startup apps.

  • If a startup app is present, it must be business-critical (e.g. antivirus, backup agent).

  • Settings panel is labelled (so auditors can see it’s from the system itself).

Why it matters: auditors want assurance that malware or unauthorised apps can’t sneak in through auto-run.

6. Tips

  • Redact usernames if they appear in the screenshot.

  • For Windows, disable “OneDrive auto-launch” if not required — auditors often check this.

  • Take the screenshot from a real, actively used device — not just a test VM.