The certifications paper chase
Martin Lynch takes a look at which vendor certs offer the best return on investment.
It is clear that not everybody sees certification in the same light. Vendors, unsurprisingly, preach its value as a differentiator to attract customers, but a lot of small resellers feel that there are too many certifications, that they cost too much in terms of time and money, and that being certified makes no difference when it comes to getting new business.
Since a lot of this new business comes through referrals, the need for certification is not a top priority for the smaller player. The training and certification process is also expensive, and there are simply too many for the channel to cope with.
As a result, many smaller players have been avoiding new certifications and have restricted their spending to keeping the ones they have up to speed. But even that is a burden in the depressed IT climate.
Even so, certifications are still proving popular with youngsters trying to get a leg up on the job ladder, more experienced IT professionals looking for a change in career, and resellers cultivating a new stream of business.
However, there is not much point in forking out thousands of pounds if the certification you receive is not going to guarantee you, or your company, a decent return on investment (ROI).
So you should always investigate which certifications are in demand before parting with your cash and letting the professionals out of the office.
Alex Charles, director at The Skills Market, creator of the popular iProfile electronic CV, said: "Certifications are very important in certain fields.
"If you take Cisco certifications, for instance, some of those can be very useful. Once you've paid for training and testing they might cost you £20,000, but businesses know that, if you've gone on this course and passed, you know your stuff.
"At the other end, some of the lower-end Microsoft courses, for example, are not as well respected because someone might have the certification but no hands-on experience. It is possible to pass some certification exams without having any real experience, and this has damaged the value of those certs."
vnunet.com's sister title Computer Reseller News US recently carried out its second Certification Study, a detailed look at what is up and coming in the world of IT certification from a channel perspective.
Two hundred resellers were divided into those with turnover of less than $10m and those above $10m. Each group was asked the importance of 40 certifications to their business, currently and over the next six to 12 months. The certifications included two vendor-neutral certs and 38 others from 19 vendors.
Certifications that pay
So what is hot? Because of the difficult economic climate, money has been tight in the training arena, and UK training companies have all said that the year has been a bad one.
The training companies are having a rough time because training budgets, along with marketing and advertising budgets, are among the first to disappear when the going gets tough.
For independent contractors, work has slowed down in some sectors, with many projects being deferred, making it harder for them to fund further training or even maintain the certifications they already hold.
For those brave enough to fork out their own money, it has never been more important to pick a certification that is going to pay you back.
CRN US calculated the ROI for 12 of the top certifications included in the study by dividing the estimated annual turnover from a certified employee by the total annual cost of the employee. The results for both groups showed some marked differences.
In larger resellers, Check Point Software Technologies came out top in terms of payback. Check Point Certified Security Expert (CCSE) led the field with a 97 per cent ROI, while Check Point Certified Security Administrator (CCSA) came second with 96 per cent.
For smaller resellers, the Check Point certs still ranked high, at numbers three and four. But sitting on top was the Citrix Certified Administrator (CCA) accreditation, which had an 87 per cent ROI, followed by Microsoft Certified Systems Engineer (MCSE) at 85 per cent.
The MCSE certification barely managed to scrape into the top 10 for large resellers. The viability of Microsoft certifications was an important difference between the two groups. This may be because many customers of large resellers are businesses running multiple operating systems, so MCSE engineers are seen as less important.
For small resellers, though, MCSE engineers are seen as vital, since those value-added resellers work with smaller businesses that are more likely to be running a Windows-based operating environment.
Once you have your cert, the fun really begins. Will your company maintain it for you or will you have to go it alone? ROI is a good measure of what companies are prepared to do.
The Certification Study found that the higher the ROI, the more likely it is that your employer will pay to keep it up to date. This was certainly true for the Check Point certifications, which ranked first and second in terms of the percentage of large resellers willing to fork out full maintenance costs.
But ROI is not the only measure and, despite the poor market conditions, even small resellers seemed prepared to look past ROI and into the future.
That group rated the Red Hat Certified Engineer (RHCE) certification as number one in terms of its willingness to pay maintenance costs, even though it ranked only eighth in terms of ROI.
It was a clear indication that, while it is not big in terms of business generated now, Linux is widely tipped as a good earner in the near future.
Security
Security proved to be one of the fastest-moving sectors in certification terms this year. Thanks to the events of 11 September last year and the growing use of online technologies, security in all its forms has invaded the boardrooms of every company.
Paranoia, coupled with a realisation that the threats to data are many and costly, has settled in. The most striking change between last year's Certification Study and the one this year was the sudden appearance of security certifications.
Three out of the top 10 certs both large and small resellers are investing in are security ones: Check Point's CCSE and CCSA, and RSA's Certified Security Professional. Even more surprisingly, it was the first time that security certs even appeared on the list for large resellers.
For small resellers asked about the fastest-growing certs in terms of importance, four of the top 10 were related to security.
So has the business world overreacted on the security front? And if so, will the security market tail off as the memories of terrorism and the fear of cyber-terrorism recede?
"The events of the past year have changed people's outlook on security for good; it's not a blip," said Niall Moynihan, northern European technical director at Check Point.
"Security policies are moving higher up the ladder in corporates, all the way to the boardroom. There are more people on the road now and that mobile workforce needs to be secured.
"Combining that with the use of the internet and online services means things have to be much more protected than before. Even in the channel we have seen security grow in importance over the past year; our resellers tell us that their customers are now asking to see their certifications in this area."
Robert Chapman, co-founder of accelerated training group Training Camp UK, said: "Between 11 September, disaster recovery, business continuity, the growth of e-commerce, virus attacks and hacking, it's not surprising that companies are starting to hire IT security managers.
"That said, security is a complex arena and if you are recruiting for that position you need to know a lot about candidates' skills and background."
Moynihan added: "Security has finally found its place in the network. Whereas it used to be the last thing it's now part and parcel of the whole networking solution.
"In the past, you would go to see potential customers and show them security solutions and they would say: 'Excuse me, how much?' But it is no longer considered a luxury."
Security certifications can be a bit of a minefield, especially when you consider that security covers everything from internal systems access and policies to the wide range of online tools that cover firewalls, virus software, remote access and e-commerce.
Picking a certification from one vendor is a good idea if you are guaranteed to be using it all of the time, but speculating can be dangerous unless you read the market correctly.
One way to avoid tying yourself to a single product or vendor is to go for a generic security certification that is vendor-independent and covers a wide range of security topics.
Depending on your level, there are a growing number of generic security certs, and the Security Certified Programme is seen by some as a good place to start.
The most highly rated, however, is the Certified Information Systems Security Professional (CISSP) from ISC2, a global non-profit organisation.
When it comes to certification, they do not come much more respected, or gruelling, than this one; forget signing up for this if all you want is another couple of letters after your name. The exam is a six-hour monster with 250 complex questions.
"We have just become the only authorised reseller for the CISSP in the UK, and it is stringently monitored in terms of who should do it and who should not," explained Chapman.
"For a start, you must have three years' relevant experience with at least one security product, and this has to be backed up with references that will be checked.
"Right now, there are only a few hundred CISSP-qualified professionals in the UK, compared with thousands in the US and around the world, but this will grow rapidly. The advantage of the CISSP is that it is well respected by all of the security vendors."
Moynihan agreed. "CISSP covers a wide range of security issues, particularly the integration of different security solutions," he said. "It is a good certification and we support it. A lot of our guys are CISSP-certified."
So what does a chief security officer (CSO) earn these days? As demand for security managers grows while the pool of suitable candidates remains small, the numbers are rising.
Giga Information Group found that CSOs in financial services companies earn the most, picking up between $125,000 and $270,000 a year plus a 15 to 25 per cent bonus.
High-tech manufacturing and software companies are the next best payers for security specialists; telecoms, utilities and manufacturing companies are less generous, paying CSOs $70,000 to $90,000 before bonuses.
Networking
Networking has always been an area where certifications are taken a bit more seriously, mainly because getting them can be an expensive and tortuous affair.
Because the level of hands-on, practical training and testing is greater, they are generally more respected and their value in the marketplace is higher.
The most highly rated certs in the study were Cisco Certified Network Administrator (CCNA) and Cisco Certified Internetworking Expert (CCIE), both of which were placed among the five most important certifications to have.
This is not really a surprise, because having a CCIE usually means you don't simply know how to take care of a network; you could probably dismantle it, rebuild it and reconfigure it with your eyes closed.
"The big system certifications, such as Cisco, are always going to be very useful, but people tend to look for more experience in using those tools and not simply at the certifications themselves. In general, Cisco certs have always been the ones with highest credibility," said Charles.
The reappearance of the Certified Novell Engineer (CNE) certification in this year's study was certainly a shock. Widely considered to be the granddad of them all and one of the most popular certifications back in the 1990s, the CNE had fallen off in recent years, losing ground to Microsoft in particular.
Even more surprising than the fact that it scraped in at number 10 is that, in last year's study, it wasn't even on the radar, and most respondents predicted that it would play a reduced role in the future.
Novell was not going out without a fight, which is why its PartnerNet 2002 programme, introduced in January, required its partners to have CNEs and Certified Directory Engineers (CDEs) among their workforces, something it had done away with in 2001.
The move has worked to some extent, as has Novell's support of the channel, growing web services offerings and the release of NetWare 6.0. In fact, 65 per cent of small resellers this time around felt that someone with a CNE had been around longer and had a greater knowledge base than someone with an MCSE or similar cert.
Microsoft
Novell might be fighting its corner but, when it comes to the most popular and numerous certifications, Microsoft scoops the prize. In the study, the MCSE topped the list of most important for both large and small resellers for the second year running.
Microsoft may take some stick for the 'real-world' value of Microsoft Certified Professional (MCP) certifications, but the MCSE and the MCSA are still on top. Large resellers placed the MCSE and MCSA at numbers one and three, while small resellers placed them at one and two.
But the company has not been sitting on its laurels. Recently it launched two new certifications that revolve around its .Net suite of web services tools.
Web services is a rapidly growing market, and now that the standards are coming and the majority of big players are in agreement, there is a large pool of developers out there waiting to take advantage of the opportunity.
In a bid to keep them happy, Microsoft has just announced the creation of Microsoft Certified Application Developer (MCAD) for .Net certification and Microsoft Certified Solution Developer (MCSD) for .Net certification. Candidates must pass two exams for the MCAD for .Net and four for the MCSD.
Mark Buckley, partner readiness manager at Microsoft, said: "We have had a massive amount of interest from our developer community concerning .Net, with a huge number requesting certification long before we introduced the new certifications."
Linux
Linux may have been lurking in Microsoft's shadow for a long time, but this year things have finally begun to happen in a big way, particularly on the certification front.
It may not have made the top 10 for either large or small resellers, but the Level 1 and 2 certifications from the non-profit Linux Professional Institute and Red Hat Certified Engineer made it into the top 20 and proved to be among the fastest climbers.
"When we first started off we were marketing the Linux courses to little interest, but in the past three months they have been filling up," said Chapman.
"The people we see coming to us about Linux are the guys with lots of Microsoft skills and those who want to catch the Linux wave early. They want to add the skills of the up-and-coming Linux to the ones they already have."
It may have been a hard year in the training sector but there are signs that the market is recovering; companies are loosening those purse strings again and letting a trickle of staff out of the office to earn certifications.
While the top five certifications have not really changed much in a year, the young pretenders, such as security and Linux, have shaken things up in a dramatic way.
At this rate, this year's upstarts will be next year's 'must-have' certifications.
Putting the boot in
One of the training trends to emerge in recent years has been companies offering intense, fast-track training and exams.
The term 'boot camp' has been applied to many such groups and there is a lot of controversy surrounding the issue.
Boot camps emerged as a way of offering professionals a way to earn certification in far less time than would normally be required. Many have claimed that costs are lower as well.
But detractors argue that boot camps are bad for the certification industry, churning out people with 'paper certs' and no real understanding of the technology.
Brian Sutton, chief educator at QA Training, said: "Some people just want a certification, which is why boot camps arrived. There are huge downsides to them, though, especially the lack of real-world training.
"If you cram a big bucketful of information into someone's head in just five days you will find that a week later they can remember little more than 10 per cent of it.
"It might be a good way to pass an exam, but it's not a good way to make people better at their job. You need to build a support group for people and give them plenty of practice."
Robert Chapman, co-founder of Training Camp UK, an accelerated training company, agrees that lots of so-called boot camps are bad, but that fast-track training can be carried out properly.
"This kind of training does not suit everybody; we can't train rookies to be an MCSE in 14 days. But someone with 12 months' experience working with the technology is different. We train people differently, by taking them out of their normal environment. They live with us and the trainers, and have no distractions for two weeks," he explained.
"Traditional teaching methods sell people short on their ability to learn things, which is why we vary the way we deliver information in each 12-hour day, from visual and audio to hands-on and discussion work.
"This is not cramming or a short-cut approach; we cover the whole course, delivering the same number of teaching hours as a traditional training company but in less time."
As for boot camps, Chapman said: "Boot camps teach you how to pass exams, and they don't use official material unlike us. One camp I spoke to offers a Cisco CCNA in four days, and the classes stop at 3.30pm. They use their own material and cover only 20 per cent of the Cisco material needed to pass the test."
With a first-time pass rate of 85 per cent, Training Camp UK proves that not all accelerated training companies are boot camps. Just make sure you sign up with the right one.
Most important certifications for large resellers (in order of importance)
- 1. Microsoft MCSE
- 2. Cisco CCNA
- 3. Microsoft MCSA
- 4. Cisco CCIE
- 5. Oracle Certified Professional DBA
- 6. RSA Certified Security Professional
- 7. Oracle Certified Master DBA
- 8. Check Point CCSA
- 9. Check Point CCSE
- 10. Sun Solaris (Certified Network Administrator)
Most important certifications for small resellers (in order of importance)
- 1. Microsoft MCSE
- 2. Microsoft MCSA
- 3. Cisco CCNA
- 4. Cisco CCIE
- 5. Check Point CCSA
- 6. Check Point CCSE
- 7. Oracle Certified Professional DBA
- 8. RSA Certified Security Professional
- 9. Oracle Certified Master DBA
- 10. Novell CNE
Source: CRN US
CONTACTS
Check Point (01223) 713 600
www.checkpoint.co.uk
Microsoft (0870) 601 0100
www.microsoft.com/uk
QA Training (020) 7656 8484
www.qa.com
The Skills Market (020) 7354 9669
www.theskillsmarket.co.uk
Training Camp UK (08700) 775 501
www.training.camp.co.uk