At KiteTech, we have always taken our responsibility for the security of our clients’ data seriously. But the stakes have continued to grow. As the challenges of data protection and compliance have multiplied and the impact of security threats have escalated, we felt we needed to take our security posture to a whole new level. We wanted to be sure that the services we were providing were unquestionably delivered with excellence. So, we decided to find a third-party expert who could vouch for the quality of our security systems and processes. That led us to CompTIA’s Security Trustmark+ Certification.
The Security Trustmark+ Certification checks all the boxes. First, the certification process is firmly based on the NIST Cybersecurity Framework which is the national standard for managing and responding to cybersecurity risks. Second, it provides tons of guidance and templates for us to standardize our security documentation and processes based on best practices. Finally, it includes a review by an independent third-party cybersecurity expert.
We kicked off a project last February to obtain our certification. No sooner than we got started, we had to put the whole project on hold as the pandemic rearranged our priorities. COVID restrictions resulted in urgent requests from our clients who needed us to help get their staff up and working productively from home. Once that emergency was addressed and we settled into “a new normal”, we were able to turn our attention back to obtaining the certification. A lot of the effort consisted of confirming practices that were already in line with the NIST standards. But in other cases, we found that we needed to improve or even rewrite processes to comply with Security Trustmark+ requirements. The effort left us in even better position to advise our clients on security best practices.
Like many of our clients, we have been evolving from local infrastructure to cloud infrastructure over the last several years. One of the most profound insights we had during the certification process was that the benefits of having local systems and data in our main office were outweighed by the risks of maintaining local systems and data. A thorough risk assessment revealed that we were better off “cutting the cord” and moving ALL our systems and data to cloud environments. And so we did. We no longer are saddled with managing the risk of safeguarding local systems and data. It’s kind of like moving the bank vault out of the bank. Robbers might still find their way in, but they will be disappointed to find that the money is elsewhere. The process of moving all our technology infrastructure to the cloud positions us perfectly to help our clients do the same.
Earlier this month, all our efforts paid off. We were notified by CompTIA that we had achieved the CompTIA Security Trustmark+. We are now one of only 2 IT providers in Maryland and 30 IT providers in the country that can boast of achieving this prestigious certification.
The end result is not just the piece of paper, it’s the confidence that we have industry-leading security practices. Consequently, firms who partner with us can be confident that their security needs are being addressed by a technology expert using best in class security practices.
Greg DiDio
CEO
Kite Technology Group