The question comes up quite often, what should organizations be doing to meet the basic security requirements? We often hear the terms “Security Basics”, “Minimum Security Standards” or dear lord “Security Hygiene”. But what does all this mean? Is it the same for everyone? People will point to different resources that attempt to define the security basics, but do they really work? Does compliance play into this picture?