Connect
Ask Community
Ask the community
Ask Community
  • Home
  • Windows
  • Windows lockdown – disable clipboard and screenshots?

Windows lockdown – disable clipboard and screenshots?Solved

Profile photo of yu-yan
yu-yan
Participant
Discussion
Hexnode UEM
6 months ago Oct 03, 2025

Hey everyone. We’ve got a strict new compliance mandate coming down the pipeline and I’m scratching my head a bit. Management wants to completely lock down our remote laptops (all Windows 10/11) to prevent any kind of data leakage. 

Specifically, I need to completely kill the ability to copy/paste, take screenshots (Snipping Tool, Print Screen, etc.), and use any built-in screen recorders. I know Hexnode is great for locking down mobile devices, but Windows feels a bit different. Is there a built-in policy for this that I’m missing? 

And more importantly, I have over 300 machines to hit with this update. Is there a way to deploy this in bulk so I don’t have to touch every single endpoint manually? Any advice would save my weekend! 

topic view count 12 Views

Tags

Windows (352)
Reply

Replies (1)

Marked SolutionPending Review
Profile photo of mo-chou Novice image
mo-chou
Participant
6 months ago Oct 04, 2025
Marked SolutionPending Review

I don’t think you’re missing anything; last time I checked, Hexnode doesn’t have native toggles to block screenshots or the clipboard on Windows like it does for mobile devices. 

To get this done, you’re going to have to script it. You’ll need to write a powerShell script that pushes registry edits to disable the Snipping tool, kill the clipboard, and disable game bar (which handles the native Windows screen recording). 

The bulk deployment part is easy, though. You definitely don’t need to touch 300 machines. 

Once your script is working, just go to the Manage tab in the portal, select all the target devices (or just select the device group), and go to Actions > deployment > execute custom scripts. Upload it and push it out. To make sure this persists reliably, you can also bake it into a policy. Just head to windows policy > configurations > scripts, upload your script, and configure it to run periodically (like on every device startup or user logon) so the machines stay locked down. 

Just a heads up: test the clipboard kill switch thoroughly on a spare machine first. Completely disabling copy/paste usually breaks more things than management expects and will likely generate a ton of helpdesk tickets. 

Load more
Save
Related Topics

Leaderboard

Profile photo of bram Pro image
bram
2525 pts
Profile photo of leo_scott Novice image
leo_scott
1552 pts
Profile photo of eliiza Novice image
eliiza
1542 pts
Profile photo of timo-liam Veteran image
timo-liam
1540 pts
Profile photo of carter Novice image
carter
1435 pts
View all

Popular Tags

ABM (55)
Android (499)
iOS (376)
macOS (493)
Windows (352)
Apple TV (33)
App Management (380)
Enrollment (119)
Location (31)
Kiosk (237)
Scripts (93)
ADE (52)
OS Updates (80)
Android Enterprise (147)
View all