The table below mirrors the Apple glossary you already saw, but for Windows 10 or later (Pro, Enterprise, Education, SE, and LTSC, where noted).
Use it when you’re inside Device Management → Policies → New Policy → Windows and need to know what each payload does.
All Windows policies can be used for BYOD or company-owned.
Policy | What it controls | Supported Min. OS | BYOD Compatible |
Windows AppLocker Policy | Create allow/deny rules for EXE, MSI, Script, and Packaged apps. Learn more → | Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 + | Yes |
Windows AutoPlay Policy | Manage AutoPlay settings on the device. Learn more → | Windows 10 + | Yes |
Windows BitLocker Auto Policy | One-click silent BitLocker enable/disable (no advanced options). Learn more → | Windows 10 + | Yes |
Windows Remote Printing Policy | Enhance security by preventing remote printing on Windows devices. Learn more → | Windows 10 + | Yes |
Windows Certificate Install (SCEP/PKI) Policy | Push user/computer certs (PFX, SCEP) & trust anchors. Learn more →
For example, push Okta's SCEP certificate. Learn more → | Windows 10 + | Yes |
Windows SCEP Certificate Policy | SCEP profile for auto-enrolling certificates. Learn more →
For example, push Okta's SCEP certificate. Learn more → | Windows 10 + | Yes |
Windows Connectivity Policy | WLAN/LAN proxy, metered-network flag, tethering, hotspot. Learn more → | Windows 10 + | Yes |
Windows Cron Policy | Set every X days to restart a device or set EOD of X date to restart a device. Learn more → | Windows 10 + | Yes |
Windows Defender Policy | Real-time protection, cloud heuristics, engine updates, and exclusions. Learn more → | Windows 10 + | Yes |
Windows Edge Extension Deployment Policy | Force-install / block Edge add-ons. Learn more → | Windows 10 + | Yes |
Windows Firefox Extension Deployment Policy | Force-install / block Firefox add-ons. Learn more → | Windows 10 + | Yes |
Windows Google Chrome Extension Deployment & Blocking Policy | Force or block Chrome Web Store extensions. Learn more → | Windows 10 + | Yes |
Windows Google SSO Policy | Configure Google Workspace login at the Windows lock screen. Learn more → | Windows 10 + | Yes |
Windows Google Chrome Browser Policy | Manage key Chrome browser behaviors on Windows devices using Swif. Learn more → | Windows 10 + | Yes |
Windows Guest Account Policy | Controls whether the built‑in Windows guest account can be used to log on to a device. Learn more → | Windows 10+ | Yes |
Windows Login Message Policy | Custom legal banner title & body before sign-in. Learn more → | Windows 10 + | Yes |
Windows Microsoft Remote Desktop Policy | Allow RDP, network-level auth, encryption, and clipboard rules. Learn more → | Windows 10 + | Yes |
Windows Password Policy | Length, complexity, history, and grace period rules. Learn more → | Windows 10 + | Yes |
Windows PIN Policy | Windows Hello for Business PIN length, complexity, and expiration. Learn more → | Windows 10 + | Yes |
Windows Power Policy | AC/DC sleep, lid close, hibernate, display timeout. Learn more → | Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 + | Yes |
Windows RADIUS (802.1X) Policy | PEAP/MS-CHAPv2 or EAP-TLS wired, Wi-Fi, and VPN profiles. Learn more → | Windows 10 + | Yes |
Windows Remote Desktop (Splashtop) Policy | Initiate an on-demand RDP session from the Swif console. Learn more → | Windows 10 + | Yes |
Windows Shared PC Policy | Shared-PC mode, guest account lifetime, and local storage limits. Learn more → | Windows 10 + | Yes |
Windows Software Update Policy | Quality & feature update deferral, automatic reboots, and bandwidth. Learn more → | Windows 10 + | Yes |
Windows Tracking Policy | USB port and Device lock. Learn more → | Windows 10 + | Yes |
Windows Taskbar Policy | Specifies the list of applications that should appear pinned to the Windows taskbar. Learn more → | Windows Pro 10+ Windows Enterprise 10+ Windows Education 10+ Windows SE 10+ IoT Enterprise / IoT Enterprise LTSC 10+ | Yes |
Windows USB Policy | Allow/block removable storage, set read-only, specify device IDs. Learn more → | Pro 10 + / Enterprise 10 + / Education 10 + / SE 10 + / LTSC 10 + | Yes |
Windows User Authorization Policy | Local account creation, admin elevation, and guest enable/disable. Learn more → | Windows 10 + | Yes |
Windows VPN Policy | IKEv2, L2TP, SSTP, Automatic, Always-On VPN profiles. Learn more → | Windows 10 + | Yes |
Windows Wi-Fi Policy | WPA2/WPA3 Enterprise & PSK network profiles. Learn more → | Windows 10 + | Yes |
Windows Security Logger Policy (AI Security Report) | Vulnerability scanning Learn more → | Windows 10 + | Yes |
Tips
BitLocker Auto is the recommended payload for most orgs—enables encryption silently with escrow to Swif’s key vault.
AppLocker supports rules per Publisher-SID for modern (AppX/MSIX) apps and traditional binaries.
Policies tagged Pro 10 + require at least Windows 10 Pro; Home editions will ignore the payload.
To write a custom policy, you can find more details at Configuring Windows Custom CSP Policies in Swif.