TrustMark: Putting a Seal on Security Practices

There’s an old saying in information security: "Security is a process, not a product." In other words, it’s more about what you do than the equipment and technology that you use to protect IT infrastructure and digital assets.  If security is about the process, how do you—as a solution provider—demonstrate your competency and value to […]

Written By: Lawrence Walsh
Oct 23, 2008
Channel Insider content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

There’s an old saying in information security: "Security is a process,
not a product." In other words, it’s more about what you do than the
equipment and technology that you use to protect IT infrastructure and digital
assets. 

If security is about the process, how do you—as a solution
provider—demonstrate your competency and value to an end-user customer? Sure,
there are plenty of security certifications for individuals to demonstrate
technical competencies: the GIAC (Global Information Assurance Certification)
and the GIAC Security Expert, the MCSE (Microsoft Certified Systems Engineer),
the CCSP (Cisco Certified Security Professional), and, of course, the
granddaddy gold standard of them all, the CISSP—Certified Information Systems
Security Professional.

Yet these are just individual certifications. Until now, nothing existed to
show that a solution provider—as a business—has security competency and to reflect
its value to end users. CompTIA (Computing Technology Industry Association), the
industry trade association and accreditation body, the week of Oct. 20 took the
wraps off its new security accreditation, TrustMark.

CompTIA Security TrustMark is unique in that it represents that an
accredited solution provider follows security best practices for its own
infrastructure and organization, reflecting the level of guidance and service
it will provide to customers. It’s a simple idea: If I keep a clean house, I
will help keep your house clean, too.

It’s also unique that it’s a self-selecting accreditation, meaning that
solution providers that apply must answer more than 130 questions in 11
security domains about their practices. Applicants are quizzed on everything
from business continuity planning to personnel security to data protection to
regulatory and standards compliance to data protection. 

The TrustMark designers built a two-tier process for ensuring reasonable
accuracy of the self-guided applications process. First, applicants must take
an initial assessment. If they fail that first step, CompTIA will recommend
against completing the full accreditation questionnaire and provide rudimentary
guidance for improving internal security awareness. 

While any self-selecting process can be gamed, CompTIA says it’s taken great
pains to include validation questions in the application. That means the
answers to multiple, disparate questions must be in sync to achieve
accreditation. CompTIA is auditing random applications as added assurance that
only the right solution providers receive the TrustMark accreditation. 

The accreditation fee is also a pretty good filter: $2,595 for non-CompTIA
members and $1,695 for member organizations. A steep price tag has a way of discouraging
the tire-kickers from the serious professionals. 

Recommended for you...

Concentric AI Adds Integrations to Data Governance Platform

Concentric AI adds Wiz, Salesforce, and GitHub integrations to boost Semantic Intelligence platform’s AI-driven data governance and security capabilities.

Jordan Smith
Aug 15, 2025
Brivo Launching New Solution to Boost Security Suite

Brivo and Envoy partner to unify access control & visitor management, delivering scalable, compliant, and secure workplace experiences.

Jordan Smith
Aug 13, 2025
GitHub CEO Steps Down as Microsoft Tightens AI Integration

GitHub CEO Thomas Dohmke to step down in 2025 as Microsoft moves platform into CoreAI, deepening its role in the company’s AI development strategy.

Allison Francis
Aug 13, 2025
Backblaze CEO on GTM Strategy & AI Demand on M&E Datasets

Backblaze CEO on record growth, AI and M&E wins, and how new products and partnerships are driving enterprise cloud storage adoption.

Jordan Smith
Aug 13, 2025
Channel Insider Logo

Channel Insider combines news and technology recommendations to keep channel partners, value-added resellers, IT solution providers, MSPs, and SaaS providers informed on the changing IT landscape. These resources provide product comparisons, in-depth analysis of vendors, and interviews with subject matter experts to provide vendors with critical information for their operations.

Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.