Microsoft Security Compliance Manager for Windows & Windows Server

Microsoft Security Compliance Manager is a free tool from Microsoft Solution Accelerators team that can help you configure and manage, both desktops and servers using Group Policy and Microsoft System Center Configuration Manager. The main feature of the new version is the compatibility with Windows 10/8, Windows Server 2012 and Internet Explorer 11/10.

Microsoft Security Compliance Manager

Microsoft Security Compliance Manager

The Windows Security Baseline is part of the Microsoft Security Compliance Manager tool, which is  the next evolution of the Microsoft Security Compliance Management Toolkit (SCMT) Series and is designed to provide you with an end-to-end solution to help you plan, deploy, and monitor the security baselines of computers running Windows and BitLocker Drive Encryption in your environment.

The Microsoft Security Compliance Manager provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability to efficiently manage the security and compliance process for the most widely used Microsoft technologies.

The Windows Security Baseline end-to-end Solution Accelerator is designed to help you plan, deploy, operate, and manage your security baselines for Windows client and server operating systems, and Microsoft applications. Access the complete database of Microsoft recommended security settings, customize your baselines, and then choose from multiple formats—including Desired Configuration Management (DCM) packs, Security Content Automation Protocol (SCAP), XLS, or Group Policy objects (GPOs)—to export the baselines to your environment and automate the security baseline compliance verification process.

You can use the Security Compliance Manager and import the Windows Security Baseline to achieve a secure, reliable, and centralized IT environment that will help you better balance your organization’s needs for security and functionality.

The key features of Microsoft Security Compliance Manager are:

  • Integration with the System Center 2012 Process Pack for IT GRC: Product configurations are integrated into the Process Pack for IT GRC to provide oversight and reporting of your compliance activities.
  • Gold master support: Import and take advantage of your existing Group Policy or create a snapshot of a reference machine to kick-start your project!
  • Configure stand-alone machines: Deploy your configurations to non-domain joined computers using the new GPO Pack feature!
  • Updated security guides: Take advantage of the deep security expertise and best practices in the updated security guides, and the attack surface reference workbooks to help reduce the security risks that you consider to be the most important!
  • Compare against industry best practices: Analyze your configurations against pre-built baselines for the latest Windows client and server operating systems!

Security Compliance Manager provides built-in policies and DCM configuration that Microsoft Security Guide recommends and meets the industry standards. Security Compliance Manager tool will help organizations plan, deploy, operate, and manage security baselines for Windows client and server operating systems, and Microsoft applications.

What is new in Security Compliance Manager

Windows Server Security Baselines:

  • Domain Controller Security Compliance
  • Domain Security Compliance
  • Hyper-V Security Compliance
  • Member Server Security Compliance
  • Web Server Security Compliance

Windows 8/10 Security Baselines:

  • BitLocker Security
  • Computer Security Compliance
  • Domain Security Compliance
  • User Security Compliance:

Internet Explorer 10 Security Baselines:

  • Computer Security Compliance
  • User Security Compliance.

If you’re an IT Professional regularly working with Servers then it’s a must have download for you. In order to download the beta you need to join the Connect program. Do provide them with feedback to improve the product.

Posted by on , in Category Security with Tags
Shyam aka “Captain Jack” is a Microsoft MVP alumnus and a Windows Enthusiast with an interest in Advanced Windows troubleshooting. Suggestions made and opinions expressed by him here are his personal one's and not of his current employers. He blogs at

Leave a Reply

Your email address will not be published. Required fields are marked *

1 + 6 =