A hidden gem in Windows 10 security is the Security Compliance Manager (SCM), a SQL Server-driven management console IT can use to customize, store and export security configurations. Essentially, IT can use SCM to set the ground rules for Windows 10 security settings.
The SCM configurations create the security baseline settings in Windows Server, and they are the first line of defense for organizations. SCM is a free Microsoft Solution Accelerator that IT can use to secure Windows. Microsoft tests and automates these tools to provide a more secure platform.
Don't simply download security baselines and configure standard settings. The Security Compliance Manager enables IT to adjust security baselines through its interface. It provides specific steps for stricter security settings that may appeal to different types of organizations, such as adding sensitive privilege use and detailed tracking options.