Insights

SCCM and Windows 10 Security: How to Get it Right

by

If you oversee SCCM, you are a huge part of your company’s security strategy, and you will become even more critical as your company deploys Windows 10. You’ll be expected to keep anti-virus and other security software current and correctly configured. You’ll need to keep Windows 10 itself updated and secure. You’ll need to ensure that sensitive Windows 10 applications only go to authorized staff. The list is nearly endless, and SCCM is at heart of it all.

As Spider Man’s Uncle Ben and many others have said:

“With great power, comes great responsibility.”

Whether you are a CIO, department head, or sysadmin, if you work with SCCM you have the power to help make sure cyberattackers:

  • Cannot launch a global attack on all SCCM-managed endpoints
  • Do not get access to Active Directory (AD) itself
  • Are not allowed to perform remote code execution
  • Cannot view or access SCCM servers
  • Cannot redirect clients to a “fake” SCCM server
  • Are unable to snoop on network traffic
  • Have no way to access security certificates
  • Cannot impersonate an approved computer system to gain access
  • Never obtain sensitive passwords
  • So much more…

It’s not so easy being Spider Man!!

To help you get it right, Adaptiva is offering an SCCM Security Best Practices Report and a Security Best Practices Checklist you can use to examine your environment for key vulnerabilities.

Many companies enhance SCCM security by using Adaptiva OneSite. OneSite has been the leader in SCCM security for some time, deployed at numerous global financial institutions. It dramatically reduces the number of servers needed, slashing the number of possible attack points and potential configuration errors. OneSite automates dozens of manual administration activities, ensuring they’re done in the most secure way possible.

We are announcing a new version of OneSite (OneSite 5.6) that hardens SCCM security and makes it tougher than ever before. It not only meets, but exceeds both FIPS 140-2 and NSA Suite B cryptographic specifications. It’s the world’s only way to add disk encryption to SCCM content, and now has 256-bit encryption. It adds military-grade tamperproofing for content delivery. OneSite 5.6 gives you centralized control of security settings, and even sets and maintains sensitive ACL/NTFS permissions.

OneSite 5.6 delivers a new massive response capability to update hundreds of thousands of endpoints instantly (instead of waiting for SCCM polling and other delays). You can learn more about OneSite 5.6 by reading our press release. Or better yet, contact us for a demo.

While Spider Man wasn’t talking about OneSite 5.6, he might as well have been when he said:

“Everyday I wake up knowing that no matter how many lives I protect, no matter how many people call me a hero, someone even more powerful could change everything.”

That’s what SCCM security is like. It’s constantly changing and new, unforeseen threats can arise at any time. With Adaptiva, you have more power than ever before to get it right and keep your company safe.

SCCM Security Audit Service

Register for an informational session on the new SCCM Security Audit service brought to you by Adaptiva and Windows Management Experts. This audit service can help you implement SCCM security best practices and lock down systems management environments.
Request an Audit

Bill Bernat
Director of Product and Content Marketing, Adaptiva