Security Compliance Manager 3.0 (SCM 3.0) is a free tool from the Microsoft Solution Accelerator team that enables you to quickly configure and manage your desktops, traditional datacenter, and private cloud using Group
Policy and System Center Configuration Manager. In addition to key features from the previous version, SCM 3.0 offers new baselines for Internet Windows Server 2012, Windows 8, and Internet Explorer 10.
SCM provides ready to deploy policies and DCM configuration packs that are tested and fully supported. These baselines are based on Microsoft Security guide recommendations and industry best practices, allowing you to
manage configuration drift, address compliance requirements, and reduce security threats.
Easily configure computers running the latest Windows® operating systems, Microsoft® Office applications, Windows Internet Explorer®, and Exchange Servers with industry leading knowledge and fully supported tools.
You can leverage SCM to import the current configuration of your computers using two different methods: first, you can import Active Directory-based group policies; second, you can import the configuration of a “golden master” reference machine by using the
LocalGPO tool to backup the local group policy which you can then import into SCM. Compare your standards to industry best practices, customize them using rich knowledge, and seamlessly create new policies and DCM configuration packs in the user-friendly UI
designed to work with Microsoft System Center Configuration Manager 2007 R2.
Wiki Articles about SCM:
SCM provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage
the security and compliance process for the most widely used Microsoft technologies.
Take advantage of the experience of Microsoft security professionals, and reduce the time and money required to harden your environment. This end-to-end Solution Accelerator will help you plan, deploy, operate, and manage
your security baselines for Windows® client and server operating systems, and Microsoft applications. Access the complete database of Microsoft recommended security settings, customize your baselines, and then choose from multiple formats—including Excel®
workbooks, Group Policy objects (GPOs), Desired Configuration Management (DCM) packs, or Security Content Automation Protocol (SCAP)—to export the baselines to your environment to automate the security baseline deployment and compliance verification process.
Use SCM to achieve a secure, reliable, and centralized IT environment that will help you better balance your organization’s needs for security and functionality.
SCM provides the following key features and benefits:
The supported operating systems and requirements to use SCM include:
SCM is intended to work with System Center Configuration Manager 2007 or System Center Configuration Manager 2012 SP1 and the desired configuration management (DCM) feature of that product.
Note: You can use the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint File Formats (available as a free download) to open, edit, and save documents, workbooks, and presentations in Microsoft Office 2007 file formats. You
also can use Microsoft Word or Microsoft Word Viewer (available as a free download) to view Word documents.
Security Compliance Manager (SCM) is just one of the tools provided by the Microsoft Solution Accelerators team. The Microsoft Assessment and Planning Toolkit, Microsoft Deployment Toolkit, and
Security Compliance Manager provide tested guidance and automated tools to help you plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. All are freely available, and fully-supported by Microsoft.
Thanks for using the SCM tool, and feel free to contact us:
Security Solutions Questions & Feedback.
The original post of this article was a request for information around SCM1.0. Since this is a wiki, I have moved the original request to this comment and changed the topic to a stub.
I am currently evaluation theSecurtiy Complaince Manager 1.0 as an enterprise wide solution for baselining all end points and servers. It seems very promising in streamlining the compliance management of the organization, whichever standard it may be, as the baselines are customizable.
Has anybody evaluated or used SCM in here? I am sure the answer would be yes :-) ! Would love to share/learn from their experince.
Thiago Cardoso Luiz edited Revision 15. Comment: add Technet information.
Ed Price - MSFT edited Revision 18. Comment: White space issues
Kurt Dillard edited Revision 19. Comment: Updated the overview and removed the section about EC and SSLF environments to reflect changes in SCM 2.0 and the newest baselines.
Kurt Dillard edited Revision 20. Comment: Updated the overview and removed the section about EC and SSLF environments to reflect changes in SCM 2.0 and the newest baselines.
I'd love to see some community resources added here.
Ed Price - MSFT edited Revision 26. Comment: We do not add "(en-US)" to article titles (it causes some grief), but we would still greatly appreciate your help adding "en-US" to the approximate 6,000 English articles that don't have them yet. Thanks!