06 Jun

SCCM DCM Wrapup – Third Party Baselines and Auto-Remediation

The overall theme of this series on SCCM Desired Configuration Management has been to provide you with a low-level understanding of the mechanics of DCM, give you a sense of the wider business context in which it is useful, and give you the tools to pursue your own enterprise IT management goals. This final post Read more…

06 Jun

SCCM DCM and Microsoft’s Security Compliance Manager

In the first four parts of this series, we covered SCCM Desired Configuration Management (DCM) in depth and went over the creation and use of custom baselines. Now that we understand the low-level details, it’s time to build on that foundation. Continuing our laptop security focus from last time, in this blog post we’ll look Read more…

03 Jun

Creating the SCCM DCM Baseline for Laptop Security

In the second and third parts of this series on SCCM Desired Configuration Management, we created some Configuration Items (CIs) that showcased a variety of validation techniques. Now we’re ready to turn the individual CIs into a baseline and begin using it for compliance reporting. Creating the Baseline Whew, creating those CIs seemed like a Read more…

03 Jun

SCCM DCM Config Items Based on Programmatic Queries

In the second part of this series on SCCM Desired Configuration Management, we began creating Configuration Items for the scenario of establishing a corporate laptop security baseline.  We continue here with some more sophisticated queries to give you a sense of how one incrementally builds up a DCM baseline. Configuration Items based on programmatic queries Now Read more…

03 Jun

Configuration Items for SCCM DCM Laptop Security

In the first part of this series, we discussed what SCCM Desired Configuration Management is and why you might want to use it. Using the example of creating a security baseline for monitoring configuration drift on corporate laptops, we began setting up the initial framework. Now it’s time to get to the business end of Read more…

01 Jun

First Steps in Creating an SCCM DCM Baseline for Laptop Security

Scenario: your company’s management is concerned about the security of the firm’s laptops. They’re mobile, people use them in public, and there’s the inevitable risk of loss or theft. In the back of your mind, several things would allow you to rest easier at night: You don’t want the laptop participating in peer-to-peer (P2P) activities Read more…

01 Jun

Enterprise Baselines and Compliance: the Power of SCCM Desired Configuration Management

Suppose one of your firm’s laptops were stolen — would it be secure? Do you know if your organization’s PCs follow basic ENERGY STAR efficiency guidelines? And how do your systems stack up when compared to the Federal Desktop Core Configuration security standards that the US government mandates for its own PCs? If you don’t Read more…