Securing the Security Compliance Management infrastructure

When you deploy Security Compliance Management (SCM), you have an opportunity to harden your global IT infrastructure, thus providing an extra layer of protection for systems and data.

To help prevent unauthorized access, you can use strong authentication methods, implement firewalls, monitor logs, and install the latest security patches. You can also prepare for unplanned events such as cyberattacks and natural disasters by backing up your infrastructure and developing a plan for rapid recovery.

SCM uses Puppet Enterprise (PE) to retrieve node and fact information. After you install SCM, you must configure it to integrate with PE. For this reason, some SCM security topics include links to the Puppet Enterprise documentation.

• Secure data

• Prevent unauthorized access to systems

• Prepare for disaster recovery

• Validate software

• Monitor third-party dependencies for vulnerabilities