How and when to use it: The IT Security Executive Council recommends performing the tests in this guide at least once a quarter on existing managed customers. This procedure is also a great way to engage new customer as part of a free security assessment to reveal the customers’ security posture. When you give them a full report of what was blocked and what wasn’t, give them an overall score and compare it to your customers on your managed services contract, as well as other businesses out there who are getting breached, paying fines, losing data, etc. It is important to explain that the cyber issue is growing exponentially and only recently has become a widespread problem in the SMB space.
Who should use this guide: While anyone who has the skill-set can use this guide, it is highly recommended all technicians performing these tests be properly trained. The test is useless unless it is performed properly. Even if technicians feel they have the knowledge, this needs to be verified. Going through the training is the only way to reveal gaps in skills and knowledge.
This Testing Foundation Security Posture is for informational purposes only, and any reliance on its content is done at your own risk. Further, this Testing Foundation Security Posture and its contents are provided on an “AS IS” basis, and CompTIA makes no representations or warranties as to their completeness, accuracy or adequacy or that any advice, recommendations, or other content contained in this document will protect systems, networks, infrastructure, and the like from experiencing any cyberattacks or other security incidents. The security assessments and processes discussed in this document should be conducted by professionals experienced in the field of information technology security. The links referenced in this document direct users to third party websites. Any use of the links or the associated third party websites is done at the user’s own risk, and additional terms and conditions from the owners of such websites may apply. CompTIA does not own or control these third party websites, and CompTIA does not endorse or assume any responsibility for the third party websites and the information, materials, products, services, and other contents contained therein, including any harmful items or code. CompTIA is not liable or responsible to you or your clients or customers for any results that you or they may experience, and you agree to indemnify CompTIA from and against any losses or other harms that you or your clients or customers may experience based on your use of the information contained in this Testing Foundation Security Posture. By your use of the information contained in the Testing Foundation Security Posture, you agree to the terms of this disclaimer section.