Essential Security Practices

On the basis of 30 years of security industry experience and knowledge, INTEK created a set of practices, polices and controls that provide effective protection against the most relevant risks. We call these control recommendations our Essential Practices. Essential Practices are designed to provide the critical baseline of effective security for all organizations, regardless of industry or size. These Essential Practices provide a layered defense in depth that offers superior risk reduction with minimal impact to the business. These controls are so effective that they eliminate the need for frequent, disruptive application of multiple patches across the organization.

Unlike most government or industry standards, INTEK's Essential Practices are dynamic and continuously updated to reflect newly discovered relevant threats and vulnerabilities. In INTEK's model, the controls are categorized to cover technical, physical and administrative/people/process areas. Each control is then linked to one or more metrics used by INTEK's security analysts to validate that the control has been successfully implemented. Validation can occur through multiple methods, including testing, inspection, demonstration, policy review, or attestation.

A customized risk profile is prepared for each INTEK client, which then drives a unique set of Essential Practices most appropriate for the client's environment. These Essential Practices become the security roadmap for the organization, providing specific task guidance, at the device and administrator level, for a continuous enterprise security program.

INTEK's Essential practices address the security requirements for HIPAA and GLB, and map to a majority of the control clauses in both the ISO 17799 best practices and the BS 7799 security standard.