Windows Security Compliance Manager Released

Microsoft rolled out Security Compliance Manager on Thursday to help IT pros design, manage and monitor baseline security in Windows.

The tool, previously available as a beta in February, is the newest member of Microsoft's Security Compliance Management Toolkit, according to a Microsoft blog. It's one of the free tools in the Microsoft "Solution Accelerators" series.

"Security Compliance Manager lets organizations centrally plan, view, update, and export hundreds of Group Policy settings for Microsoft client and server OSes and applications, "noted Donald S. Retallack, research vice president for systems management and security at Directions on Microsoft, in an e-mail.

The tool works with Microsoft's Security Compliance Management Toolkit to manage security settings for Windows XP, Vista, Windows 7, Windows Server 2003 and Server 2008, Internet Explorer 8 and Office 2007, Retallack explained. Since it's used with Group Policy, it applies only to Microsoft products, he added.

"The tool does not return information -- it is used to provide standard settings to other tools, such as Configuration Manager, for setting security settings on an organization's computers," Retallack stated. "Security Compliance Manager maintains a library of sets of security settings (baselines) with recommended settings from Microsoft."

The Microsoft Solution Accelerators team worked with IT pros, government agencies and Microsoft security experts to develop the tool. Security Compliance Manager is designed to accelerate the use of best practices, allow centralized decision making, and help monitor, verify and comply with an organization's security baselines, according to Microsoft's blog.

Security baselines, as defined by Wikipedia, are a "cookbook recipe for a normal level of protection."

Such baselines can include hundreds of settings, such as whether a user is allowed to turn on Active-X controls in Internet Explorer, whether a workstation OS requires password changes at some defined interval, whether BitLocker features are enabled, and many others, according to Retallack.

Users of Security Compliance Manager can access a database of Microsoft-recommended security settings and then customize the baselines according to organizational needs. The formats to export customized baselines include Desired Configuration Management, Security Content Automation Protocol, Microsoft Excel, or Group Policy Objects.

"There are lots of Microsoft tools that accomplish similar things," Retallack noted. "One such enterprise tool for maintaining Group Policy Objects is the Advanced Group Policy Manager (AGPM) in the Desktop Optimization Pack."

Retallack, however, noted that Security Compliance Manager is not just a marketing or advertising play by the software giant.

"The tool is not just advertising -- it can really help IT administrators maintain a consistent set of security settings across an enterprise," he said.

The Microsoft Solution Accelerators team described the Security Compliance Manager tool back in February in a series of videos that can be accessed here.

About the Author

Herb Torrens is an award-winning freelance writer based in Southern California. He managed the MCSP program for a leading computer telephony integrator for more than five years and has worked with numerous solution providers including HP/Compaq, Nortel, and Microsoft in all forms of media.


  • Image of a futuristic maze

    The 2024 Microsoft Product Roadmap

    Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.

  • SharePoint Embedded Becomes Generally Available

    After a six-month preview, SharePoint Embedded, an API-based version of SharePoint that developers and ISVs can use to embed Microsoft 365 capabilities into their apps, is now generally available.

  • Copilot in Microsoft 365 Getting Agents, Extensions and Team (Not Teams) Support

    Microsoft is adding more functionality to its Copilot AI assistant aimed at improving business collaboration, processes and workflows for Microsoft 365 users.

  • Microsoft Giving Startups Templates To Build AI Apps

    A new perk for businesses enrolled in the Microsoft for Startups Founders Hub program aims to fast-track their ability to build AI-powered applications.