Microsoft System Center 2012 R2 Compliance Management Cookbook

Book Image

Microsoft System Center 2012 R2 Compliance Management Cookbook

By : Andreas Baumgarten (USD), Susan Roesner, Ronnie Isherwood

Book Image

Microsoft System Center 2012 R2 Compliance Management Cookbook

By: Andreas Baumgarten (USD), Susan Roesner, Ronnie Isherwood

Overview of this book

Microsoft System Center 2012 R2 Compliance Management Cookbook

Microsoft System Center 2012 R2 Compliance Management Cookbook

Credits

About the Authors

About the Authors

About the Reviewers

About the Reviewers

www.PacktPub.com

www.PacktPub.com

Preface

Free Chapter

Starting the Compliance Process for Small Businesses

Starting the Compliance Process for Small Businesses

Planning the scope of a basic compliance program

Understanding possible controls for compliance

Evaluating the efforts of controls

Bringing it all together into a basic compliance program

Implementing the First Steps of Basic Compliance

Implementing the First Steps of Basic Compliance

Preparing for the creation of a compliance baseline

Installing Security Compliance Manager

Creating a compliance baseline using GPO to ensure system security

Implementing the GPO baseline in Active Directory

Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager

Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager

Configuring Microsoft System Center 2012 Configuration Manager for compliance

Creating a baseline to monitor for unapproved software

Creating a baseline to monitor for unapproved hardware and virtual systems

Using Security Compliance Manager baselines in Microsoft System Center 2012 Configuration Manager

Monitoring the Basic Compliance Program

Monitoring the Basic Compliance Program

Planning a compliance program for Microsoft System Center 2012 Operations Manager

Adding a compliance program monitor in Microsoft System Center 2012 Operations Manager

Installing Microsoft System Center 2012 Operations Manager Audit Collection Services to support the compliance program

Configuring a compliance program in Microsoft System Center 2012 Operations Manager Audit Collection Services

Starting an Enterprise Compliance Program

Starting an Enterprise Compliance Program

Using project management in your compliance approach

Understanding management support

Defining your communication approach

Planning the risk assessment approach

Planning documentation requirements

Defining your test approach

Planning a Compliance Program in Microsoft System Center 2012

Planning a Compliance Program in Microsoft System Center 2012

Understanding the responsibilities of the System Center 2012 tools

Planning the implementation of Microsoft System Center 2012 Service Manager

Planning the connection of the System Center 2012 components

Planning and defining the responsibilities for a compliance program

Planning System Center Service Manager 2012 related settings and configuration

Planning and defining compliance reports

Configuring a Compliance Program in Microsoft System Center 2012 Service Manager

Configuring a Compliance Program in Microsoft System Center 2012 Service Manager

Configuring connectors in System Center 2012 Service Manager to support a compliance program

Adding Configuration Items manually in System Center 2012 Service Manager to support a compliance program

Configuring compliance process Incident Classification Categories in System Center 2012 Service Manager

Adding support groups in System Center 2012 Service Manager to support the compliance program

Creating compliance program Incident templates in System Center 2012 Service Manager

Automating Compliance Processes with Microsoft System Center 2012

Automating Compliance Processes with Microsoft System Center 2012

Planning the automation of the compliance management process

Configuring compliance program notification in Microsoft System Center 2012 Service Manager

Forwarding of compliance program-related alerts

Forwarding compliance program-related Compliance Settings Management issues

Reporting on Compliance with System Center 2012

Reporting on Compliance with System Center 2012

Planning compliance reporting in Microsoft System Center 2012

Generating compliance program reports in Microsoft System Center 2012 Configuration Manager

Generating compliance program reports in Microsoft System Center 2012 Operations Manager Audit Collection Service

Generating compliance program reports in Microsoft System Center 2012 Service Manager

Useful Websites and Community Resources

Useful Websites and Community Resources

Compliance and System Center Partner tools

Authors' community blogs

Useful System Center community blogs

Useful Security/Compliance community blogs

Frameworks, standards, and processes

Official websites on compliance requirements

Valuable community forums and user groups

Microsoft TechNet Information

Social network resources

Index

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Introduction

The belief that a company will never face a security or compliance incident is rather naive but still held by many business managers. They would rather maintain their reactive approach than invest time and money in a proactive, systematic approach. Should an issue arise or a business unit receive a high degree of public attention, the incident is addressed, and this process of doing so has come to be known as a compliance program.

To exaggerate this a little, imagine the following series of events:

Find out that you have an issue
Start panicking
Get management buy-in to throw money and time at the issue
Implement your solution as publicly as possible to show what a great job you are doing
Pray that the issue is truly addressed

In other words, what is happening here is that the issue is identified and addressed, but there is never a true assessment of the general environment or the value of the issue addressed.

Based on my experience, this reactive approach wastes time and money. Policies...