Kiosk Device Hardening Checklist – IPERA Solutions

1. Overview

This document describes the security controls applied to all kiosk devices deployed across the smart city projects. Each kiosk runs on Windows 10 Pro with a touchscreen interface and is physically secured in a tamper-resistant enclosure.

Security is enforced at two layers: the IPERA kiosk application (Electron-based) and the Windows operating system configuration. Remote maintenance is conducted exclusively via RDP through the client-provided PAM solution.

Status Legend:

Enforced = Active and mandatory on all devices. Disabled = Service or feature is turned off. Optional = Available upon request.

2. Application Security Controls

Security Control	Description	Status
Electron kiosk mode	Application launches in fullscreen kiosk mode on boot	Enforced
Context menu disabled	Right-click context menu suppressed in application	Enforced
Navigation restricted	Application cannot navigate to external URLs	Enforced
Crash recovery	Application auto-restarts on unexpected exit or crash	Enforced

3. User & Access Controls

Security Control	Description	Status
Dedicated kiosk user account	Standard (non-admin) local user with minimum required permissions	Enforced
Auto-login on boot	Kiosk user logs in automatically; no password prompt exposed	Enforced
Admin accounts restricted	Local admin account exists for maintenance only; not accessible during normal operation	Enforced
Keyboard shortcuts suppressed	Windows key, Alt+Tab, Alt+F4 disabled for kiosk user	Enforced
Command Prompt disabled	Access to command prompt blocked for kiosk user	Enforced
PowerShell disabled	PowerShell execution restricted for kiosk user	Enforced

4. Windows Shell Configuration

Security Control	Description	Status
Custom shell (Electron app)	Default Windows shell replaced with the IPERA kiosk application for kiosk user	Enforced
Start Menu and Taskbar	Hidden and inaccessible to kiosk user	Disabled
Action Center and Notifications	Notification center suppressed	Disabled
Windows Store	Store application disabled	Disabled

5. Disabled Windows Services

The following unnecessary services will be disabled to reduce attack surface and resource consumption.

Security Control	Description	Status
Windows Search (WSearch)	File indexing service; not required on kiosk	Disabled
Xbox services	XblAuthManager, XblGameSave, XboxNetApiSvc, XboxGipSvc	Disabled
Telemetry (DiagTrack)	Connected User Experiences and Telemetry	Disabled
WAP Push (dmwappushservice)	Telemetry-related messaging service	Disabled
Windows Maps (MapsBroker)	Downloaded Maps Manager; kiosk uses dedicated map service	Disabled
Geolocation (lfsvc)	Kiosks are at fixed physical locations	Disabled
Retail Demo	Retail demo mode service	Disabled
Media Sharing (WMPNetworkSvc)	Windows Media Player network sharing	Disabled
Fax	Fax service	Disabled
Remote Registry	Remote registry editing; security risk	Disabled
Internet Connection Sharing	SharedAccess service	Disabled
NetBIOS Helper (lmhosts)	Legacy protocol; not required	Disabled
Error Reporting (WerSvc)	Windows Error Reporting	Disabled
Superfetch (SysMain)	Disk pre-fetch optimization; not needed on SSD	Disabled
Print Spooler	No printing on kiosk devices	Disabled
Bluetooth (bthserv)	No Bluetooth peripherals used	Disabled
UPnP Discovery (SSDPSRV)	Increases network attack surface	Disabled
UPnP Device Host (upnphost)	Increases network attack surface	Disabled
Windows Insider (wisvc)	Not applicable to production devices	Disabled

6. Storage & Peripheral Controls

Security Control	Description	Status
USB storage devices	USB mass storage blocked; USB HID (touch) remains enabled	Disabled
BitLocker disk encryption	Full-disk encryption available; kiosks are in tamper-resistant enclosures	Optional
CD/DVD autorun	Autorun disabled for removable media	Disabled
Bluetooth pairing	Bluetooth adapter disabled at service level	Disabled