Security Compliance Manager 3.0 Released

A free Solution Accelerator called the Security Compliance Manager (SCM) has been updated to version 3.0 and released in Jan. 2013. SCM helps organizations centrally maintain standard security configurations based on Microsoft recommendations for Microsoft’s OSs and applications, simplifying policy enforcement. With SCM, organizations can centrally plan, view, update, and export hundreds of Group Policy settings related to security. SCM 3.0 adds coverage for Windows 8, Windows Server 2012, and Internet Explorer (IE) 10, but not Office 2013 or Exchange 2013. A preview covering SQL Server 2012 was also released.

New Security Baselines

SCM is designed to be used with Microsoft’s documented library of sets of security settings (baselines) with recommended settings for Windows client and server OSs, BitLocker drive encryption, IE, Office, and Exchange Server. SCM helps authorized users customize the provided baselines and save them as company standards. Users can then export the standards to Excel spreadsheets or Group Policy Objects, to be applied using an organization’s group policy deployment tools, or export them to System Center Configuration Manager’s Desired Configuration Management packs or Security Content Automation Protocol files. (See the illustration “SCM 3.0 Console“.)