One of the most common methods to configure an office full of Microsoft Windows computers is with group policy.

For the most part, group policies are settings pushed into a computer’s registry to configure security settings and other operational behaviors.

Group policies can be pushed down from Active Directory (actually, pulled down by the client) or configured locally.
I’ve been doing Windows computer security since 1990, so I’ve seen a lot of group policies.
In my work with customers, I scrutinize each group policy setting within each group policy object. With Windows 8.1 and Windows Server 2012 R2, for example, there are more than 3,700 settings for the operating system alone.