If you oversee SCCM, you are a huge part of your company’s security strategy, and you will become even more critical as your company deploys Windows 10. You’ll be expected to keep anti-virus and other security software current and correctly configured. You’ll need to keep Windows 10 itself updated and secure. You’ll need to ensure that sensitive Windows 10 applications only go to authorized staff. The list is nearly endless, and SCCM is at heart of it all.
As Spider Man’s Uncle Ben and many others have said:
“With great power, comes great responsibility.”
Whether you are a CIO, department head, or sysadmin, if you work with SCCM you have the power to help make sure cyberattackers:
- Cannot launch a global attack on all SCCM-managed endpoints
- Do not get access to Active Directory (AD) itself
- Are not allowed to perform remote code execution
- Cannot view or access SCCM servers
- Cannot redirect clients to a “fake” SCCM server
- Are unable to snoop on network traffic
- Have no way to access security certificates
- Cannot impersonate an approved computer system to gain access
- Never obtain sensitive passwords
- So much more…
It’s not so easy being Spider Man!!
To help you get it right, Adaptiva is offering an SCCM Security Best Practices Report and a Security Best Practices Checklist you can use to examine your environment for key vulnerabilities.
Many companies enhance SCCM security by using Adaptiva OneSite Anywhere. OneSite Anywhere has been the leader in SCCM security for some time, deployed at numerous global financial institutions. It dramatically reduces the number of servers needed, slashing the number of possible attack points and potential configuration errors. OneSite Anywhere automates dozens of manual administration activities, ensuring they’re done in the most secure way possible.
We are announcing a new version of OneSite Anywhere (OneSite 5.6) that hardens SCCM security and makes it tougher than ever before. It not only meets, but exceeds both FIPS 140-2 and NSA Suite B cryptographic specifications. It’s the world’s only way to add disk encryption to SCCM content, and now has 256-bit encryption. It adds military-grade tamperproofing for content delivery. OneSite Anywhere 5.6 gives you centralized control of security settings, and even sets and maintains sensitive ACL/NTFS permissions.
OneSite Anywhere 5.6 delivers a new massive response capability to update hundreds of thousands of endpoints instantly (instead of waiting for SCCM polling and other delays). You can learn more about OneSite Anywhere 5.6 contact us for a demo.
While Spider Man wasn’t talking about OneSite Anywhere 5.6, he might as well have been when he said:
“Everyday I wake up knowing that no matter how many lives I protect, no matter how many people call me a hero, someone even more powerful could change everything.”
That’s what SCCM security is like. It’s constantly changing and new, unforeseen threats can arise at any time. With Adaptiva, you have more power than ever before to get it right and keep your company safe.
