Security Baseline

A set of minimum security standards or settings that your organization commits to implementing everywhere. It's essentially the baseline "must-do" security practices - the foundation on which you build further security. Industry standards and regulations often recommend baseline controls.

‍

For example, a security baseline might state that "all laptops must have disk encryption, a timeout lock after 5 minutes of inactivity, and an up-to-date antivirus."

‍

By establishing a baseline, even a small business ensures a consistent level of protection across all systems. It's the "no lower than this" bar for security, which you update as threats evolve