CompTIA Security Trustmark

CompTIA Security Trustmark Parameters

The CompTIA Security Trustmark is a vendor-neutral business accreditation. It benefits the entire IT industry by establishing foundational security practices relevant to all Solution Providers, regardless of company size. The CompTIA Security Trustmark is being developed with input from leading IT industry companies and Business Security Practice Experts. The CompTIA Security Trustmark is an accreditation that can be achieved by small businesses, but still holds Solution Providers to the security practices that larger businesses have the capability to perform. The following are some of the areas within an organization as suggested by research participants as requirements for the CompTIA Security Trustmark:

• Business Continuity
• Security Awareness and Training
• Data Protection
• Physical Security
• Technical Infrastructure Security
• Personnel Security Policies and Administration

The CompTIA Security Trustmark will cover common security practices and IT technologies. Listed below are examples of technical areas suggested by research participants and will likely be a part of the Trustmark:

• Security Process, Protocol and Standards
• Technical employee knowledge/expertise
• Firewall products and processes
• Anti-Virus/malware/spyware
• Intrusion detection
• Vulnerability assessment detection
• Data encryptions
• Security clearances – background checks
• Physical and hardware security
• Security requirements (permissions, passwords, etc.)

Next Steps
To ensure its success, the CompTIA Security Trustmark needs continued support from the industry. Learn more about the Security Trustmark and how you can get involved by contacting Earle Humphreys at ehumphreys@comptia.org.