We disabled local administrator account (which we rarely use & we'll boot from CD to enable it back when needed).
Audit now asks: there are 30 very critical PCs : can we also disable the SYSTEM account (which I think
Desktop Central or possibly SCCM) uses?
What's the impact/implications of disabling SYSTEM?
can it be disabled? Is it an interactive logon or this account doesn't allow Interactive logon?
Any MS or authoritative links recommending not to disable/delete it?