This policy setting turns off toast notifications on the lock screen. The recommended state for this setting is Enabled. Rationale: While this feature can be handy for users, applications that provide toast notifications might display sensitive personal or business data while the device is left unattended. Impact: Applications will not be able to raise toast notifications on the lock screen.
Solution
To establish the recommended configuration via GP, set the following UI path to Enabled: User Configuration\Policies\Administrative Templates\Start Menu and Taskbar\Notifications\Turn off toast notifications on the lock screen Note: This Group Policy path may not exist by default. It is provided by the Group Policy template WPN.admx/adml that is included with the Microsoft Windows 8.0 & Server 2012 (non-R2) Administrative Templates (or newer). Default Value: Disabled. (Toast notifications on the lock screen are enabled and can be turned off by the administrator or user.)