Thank you for participating in this blog for the Security Guides. The customer feedback we received helped us build a high-quality Solution Accelerator that meets the needs of IT Professionals like you.
You have worked with our team on multiple reviews, and now have the chance to influence some of the changes we are planning to introduce to the content of the security guides.
Solution Accelerator team is planning to re-engineer the content model used for our security guides. Specifically, we will be changing what content deliverables we produce going forward. We will look at the format, the data presented (in some cases) and how we can reuse common content, packaging considerations and tools to help automate the “get” and “set” of the security settings. We also want to ensure this content model looks to the future, so that we can address new technologies and applications.
Some of the goals for this project are:
· Deliver a consistent and useable delivery presentation for our customers and partners
· Remove the redundant content we produce in our security guides
· Document a extensible content model that can be implemented in a tool
· Provide an automated build and packaging process for all of our security guides
· Create a repeatable security guidance development process
I would like to present a quick 6 question survey to our enterprise customers and partners to help shape the redesign of our security guides and validate the approach. We would really appreciate your feedback. A short, 3-minute survey appears below.
Thanks again for your participation.
1. Your guides should make it easy for system owners to identify and document their deltas from your guides, both system-wide deltas as well as deltas for particular computer/user roles. Make better use of Excel for this purpose.
2. Use Powershell as the engine for compliance setting and checking. To require all system-owners to buy SC CM with DCM is not a realistic option, and will seriously hamper the use of your guides. Cooperate with the SC CM DCM team to create Powershell providers/cmdlets with DCM functionality.
3. Do NOT write guides exceeding 20-30 pages of text. Instead, break it up into several guides. Write focused guides that can be completed without a major effort of reading, understanding, and implementation from the administrator's side. I believe that thick documents "frighten" many administrators from reading and adopting your guides, e.g. the W2008/Vista guides. Small and focused guides will encourage step-wide implementation when the administrator can find the time for it.
4. Keep up the good work! Guides and recommendations from Microsoft are very helpful, both because of their high quality as well as their universal reach to the Windows audience, making the guides function as well-known "standards" that we can refer to in our work.
Thank you so much for providing this feedback. Our team takes customer feedback very seriously and I will definitely share your concerns and recommendations with our team.
I will also follow up with you in a separate email to get more details on individual points you have provided.