What this book covers
Chapter 1, Starting the Compliance Process for Small Businesses, covers the initial recommended critical tasks to start a compliance program. It offers hands-on advice on how and where to start at a very basic level. It looks at different regulatory requirements and shows how to interpret them, how to understand the scope, and how to plan for controls.
Chapter 2, Implementing the First Steps of Basic Compliance, discusses and provides steps to start a compliance program with the free Microsoft Security Compliance Manager. Within the Microsoft environment, this tool, together with Best Practice Analyzer, offers tremendous help in starting a basic compliance program at no additional cost. The required steps are provided in the chapter.
Chapter 3, Enhancing the Basic Compliance Program Using Microsoft System Center 2012 Configuration Manager, provides task steps to create a GPO compliance baseline using Microsoft System Center 2012 Configuration Manager.
Chapter 4, Monitoring the Basic Compliance Program, provides task steps to monitor for breaches or adherence to your compliance program. Further recipes provide information on implementation and configuration/usage of Audit Collection Services, which is specifically designed for various compliance tasks.
Chapter 5, Starting an Enterprise Compliance Program, focuses on larger businesses that already have at least a basic IT security program in place. It is a planning chapter that provides steps leading to an enterprise-wide compliance program. It also provides explanations and examples while introducing the key steps to a successful implementation.
Chapter 6, Planning a Compliance Program in Microsoft System Center 2012, provides recipes on how to integrate the System Center products. The recipes use hands-on examples to show the planning and implementation required to align the System Center tools with the compliance process.
Chapter 7, Configuring a Compliance Program in Microsoft System Center 2012 Service Manager, is focused on recipes that aid in the creation of a compliance program using Microsoft System Center 2012 Service Manager. It provides information on how to centralize compliance information within Microsoft SCSM 2012.
Chapter 8, Automating Compliance Processes with Microsoft System Center 2012, focuses on automated centralization of control status information within the System Center family. In addition, it provides information on how to implement steps so that further automation is possible.
Chapter 9, Reporting on Compliance with System Center 2012, provides recipes on report functionalities within the System Center family. The recipes show how to create reports based on the controls created in the previous chapters.
Appendix, Useful Websites and Community Resources, notes that, like most Microsoft products, all System Center products have an extended solutions partner community and an extensive, active support base on the World Wide Web. This appendix lists some of the sites that provide ready-made solutions and extensive real-world dynamic content on System Center. It also provides resources for compliance questions, including official (governmental) websites with information for small businesses that want to understand their obligations, as well as resources on more technical security/compliance issues that help a business understand the landscape it is working in.