Microsoft System Center 2012 R2 Compliance Management Cookbook

Book Image

Microsoft System Center 2012 R2 Compliance Management Cookbook

By : Andreas Baumgarten (USD), Susan Roesner, Ronnie Isherwood

Book Image

Microsoft System Center 2012 R2 Compliance Management Cookbook

By: Andreas Baumgarten (USD), Susan Roesner, Ronnie Isherwood

Overview of this book

Microsoft System Center 2012 R2 Compliance Management Cookbook

Microsoft System Center 2012 R2 Compliance Management Cookbook

Credits

About the Authors

About the Authors

About the Reviewers

About the Reviewers

www.PacktPub.com

www.PacktPub.com

Preface

Free Chapter

Starting the Compliance Process for Small Businesses

Starting the Compliance Process for Small Businesses

Planning the scope of a basic compliance program

Understanding possible controls for compliance

Evaluating the efforts of controls

Bringing it all together into a basic compliance program

Implementing the First Steps of Basic Compliance

Implementing the First Steps of Basic Compliance

Preparing for the creation of a compliance baseline

Installing Security Compliance Manager

Creating a compliance baseline using GPO to ensure system security

Implementing the GPO baseline in Active Directory

Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager

Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager

Configuring Microsoft System Center 2012 Configuration Manager for compliance

Creating a baseline to monitor for unapproved software

Creating a baseline to monitor for unapproved hardware and virtual systems

Using Security Compliance Manager baselines in Microsoft System Center 2012 Configuration Manager

Monitoring the Basic Compliance Program

Monitoring the Basic Compliance Program

Planning a compliance program for Microsoft System Center 2012 Operations Manager

Adding a compliance program monitor in Microsoft System Center 2012 Operations Manager

Installing Microsoft System Center 2012 Operations Manager Audit Collection Services to support the compliance program

Configuring a compliance program in Microsoft System Center 2012 Operations Manager Audit Collection Services

Starting an Enterprise Compliance Program

Starting an Enterprise Compliance Program

Using project management in your compliance approach

Understanding management support

Defining your communication approach

Planning the risk assessment approach

Planning documentation requirements

Defining your test approach

Planning a Compliance Program in Microsoft System Center 2012

Planning a Compliance Program in Microsoft System Center 2012

Understanding the responsibilities of the System Center 2012 tools

Planning the implementation of Microsoft System Center 2012 Service Manager

Planning the connection of the System Center 2012 components

Planning and defining the responsibilities for a compliance program

Planning System Center Service Manager 2012 related settings and configuration

Planning and defining compliance reports

Configuring a Compliance Program in Microsoft System Center 2012 Service Manager

Configuring a Compliance Program in Microsoft System Center 2012 Service Manager

Configuring connectors in System Center 2012 Service Manager to support a compliance program

Adding Configuration Items manually in System Center 2012 Service Manager to support a compliance program

Configuring compliance process Incident Classification Categories in System Center 2012 Service Manager

Adding support groups in System Center 2012 Service Manager to support the compliance program

Creating compliance program Incident templates in System Center 2012 Service Manager

Automating Compliance Processes with Microsoft System Center 2012

Automating Compliance Processes with Microsoft System Center 2012

Planning the automation of the compliance management process

Configuring compliance program notification in Microsoft System Center 2012 Service Manager

Forwarding of compliance program-related alerts

Forwarding compliance program-related Compliance Settings Management issues

Reporting on Compliance with System Center 2012

Reporting on Compliance with System Center 2012

Planning compliance reporting in Microsoft System Center 2012

Generating compliance program reports in Microsoft System Center 2012 Configuration Manager

Generating compliance program reports in Microsoft System Center 2012 Operations Manager Audit Collection Service

Generating compliance program reports in Microsoft System Center 2012 Service Manager

Useful Websites and Community Resources

Useful Websites and Community Resources

Compliance and System Center Partner tools

Authors' community blogs

Useful System Center community blogs

Useful Security/Compliance community blogs

Frameworks, standards, and processes

Official websites on compliance requirements

Valuable community forums and user groups

Microsoft TechNet Information

Social network resources

Index

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Introduction

Compliance program regulatory documents, especially data protection laws, define detection, logging, and auditing requirements. An example of such a program is the German Bundesdatenschutzgesetz (BDSG), where you would find the section "to prevent unauthorized usage of data processing systems" in paragraph 9 (http://www.lw-flyerdruck.de/userfiles/541/File/Dateivorgaben/INFO1_Januar_2011.pdf). An implication of this requirement could be to detect these unauthorized usages. Microsoft System Center 2012 Operations Manager (SCOM) has the ability to track and log unauthorized events in Microsoft Active Directory.

Another requirement could be the logging of data access for each individual user. In the Payment Card Industry Data Security Standard (PCI DSS), requirement 10 states:

"10.1 Implement audit trails to link all access to system components to each individual user"

You can find additional details on PCI DSS at https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf.

In this...