DALLAS -- Experts and certification gurus have been clamoring for a Microsoft security certification, and now they're getting their wish.
After months of hinting, Scott Charney, chief security strategist at Microsoft Corp., today announced to partners and customers at the TechEd conference that Microsoft is now offering a series of security specializations.
Microsoft has introduced the Microsoft Certified Systems Administrator, Security on Microsoft Windows 2000, and Microsoft Certified Systems Engineer. The company will build the Microsoft Windows 2000 certifications on the Microsoft Certified Systems Administrator (MCSA) and Microsoft Certified Systems Engineer (MCSE) credentials, the company said.
Versions for the Windows Server 2003 platform will be released later this year, as those platform-specific exams become available, Microsoft said.
To earn a certification, candidates must pass core exams for the MCSA or MCSE credential and then pass some security specialization exams. Administrators must demonstrate their ability in security foundations, security implementation and security design. The company said the CompTIA Security+ will be one way to satisfy the security specialty requirement of the MCSA Security and MCSE Security certifications.
While employers and IT administrators say they feel strongly about building secure systems, whether they will spring the cash to earn a Microsoft security certification to prove their mettle remains to be seen.
For one thing, the value of certification is subject to much debate. "Security is the brightest spot in the certification galaxy today," said Ed Tittel, an author and expert on Windows training. "It remains a fragmented market without a lot of slam-dunk credentials."
But security experts and customers argue about its value. Brad Dinerman, chairman of the New England Information Security User Group, said that the certification is mildly valuable to IT administrators in general and is likely to appeal to IT professionals who work mainly on Windows.
Not all IT executives, even those with a large Windows investment, are gung ho on the belief that a security certification is necessary. "It may be useful for some of my people, but there has been a lot of over-certification, and it's become a business unto itself," said Scott Saunders, director of systems technology at Paxson Communications Corp., a West Palm Beach, Fla.-based television network. "I'm more concerned about seeing Microsoft products be more secure."
The subject of security in general gets a lot of lip service, said Roberta Bragg, a security consultant and principal at Have Security Will Travel, in Kansas City, Mo. There are plenty of security experts out of work because, even today, corporations consider security management to be overhead because it doesn't generate revenue. "When times are tough, whom do you get rid of?" Bragg said.
But Bragg said that she thinks IT professionals will find interest in Microsoft's security certification, though they may not rush out to get one. "There will be more interest in [the security certification] versus the MCSE, which is starting to decline," she said.
FOR MORE INFORMATION: