Can I leave Windows updates on

Hi,
I'm currently setting up a number of devices (Windows 10 iot). I would like to leave windows updates on if possible. I see that the recommendations are to turn them off but my question is; is it okay to leave the updates run as normal? and will the system still function.

My preference would be to let windows update automatically.

If there is a major windows update, it will overwrite the locked down setup. Be sure to have an accessible 2nd admin account available on the system if you decide to keep Windows Updates enabled.

Ah okay, thanks. So turning off auto-updates is probably the way to go.  If windows auto updates are turned off, in general, how would you recommend keeping windows up-to-date?

Most locked down systems don't need Windows Updates (depending on the system use profile). However, you can run updates safely if you first disable Secure Lockdown, then run the update, then re-enable. Windows Updates are typically not a problem while Secure Lockdown is enabled. Only major releases can be problematic.