Start a conversation in a group of IT pros about certification and you'll likely find two responses dominate: Either certification is worthless and allows inexperience to masquerade as mastery, or you can't be successful without having a specific set of letters after your name no matter how much experience or skill you have. But if you treat certification as an all-or-nothing factor in your career, you'll shortchange yourself. Although certification alone can't guarantee career or even job-search success, you can realize substantial career gains if you regard certification as one potentially powerful tool among the many in your career-strategy toolkit.
Sending the Right Message
What kind of leverage does certification wield? To gain insight into how one employer weighs certification, I talked with Joe Kinsella, director of development for SilverBack Technologies, a provider of integrated IT- and security-monitoring software. Joe has primary responsibility for hiring and evaluating the members of SilverBack's development team. I asked him whether he requires certification in job candidates. "It's never a requirement," he said, "but it's definitely desirable." In his view, experience can replace certification, but certification can demonstrate experience. "When a candidate is certified, I know I don't need to spend as much time validating his or her experience in the interview process. Also, having earned a certification demonstrates that the person has a certain amount of initiative and drive."
I then asked whether vendor-neutral certifications, such as those from the Computing Technology Industry Association (CompTIA), carry more weight than vendor-sponsored certs, such as those from Microsoft. "Certifications really are better for employers and job candidates than they are for vendors," Joe responded, referring to the belief among some IT pros that certification exists to generate profits for vendors in the form of training, testing, and certification-maintenance fees. I immediately thought about Microsoft and the often-suspect MCSE. As if reading my mind, Joe went on, "I know that a lot of people question Microsoft's certifications. But we recently needed to hire a quality assurance engineer for a team that's working with a Microsoft product. To complement the other team members' expertise, we actively looked to hire a Microsoft Certified Professional (MCP). Seeing the certification I was looking for gave me additional confidence that the successful candidate had the skills and knowledge the team needed." According to Joe, the benefits certification provides IT pros and employers through developing, measuring, and maintaining industry-recognized skills and professional standards outweigh any monetary gains a certification vendor might realize.
Value and Critical Mass
Joe did say that not every certification equally demonstrates skill and knowledge. An obscure, little-known certification might actually work against you. According to Joe, "If a prospective employer looks at your resume and sees a certification acronym that makes him or her wonder, 'What the heck is this?' that certification isn't doing you any favors."
Security expert Randy Franklin Smith echoes this caveat in his article "Evaluating Security Certifications" (Security Administrator, January 2005, InstantDoc ID 44650). Regarding information security certification, Randy writes, "Keep in mind also that any company or organization can create a certification, but not every company or organization commands a high level of respect and authority in the information security field. Not much exists to stop a company from jumping on the certification bandwagon and creating a certification designed for no other reason than to reward the information security professionals who pass several of the company's courses."
However, both Joe and Randy agree that the major certifications from well-known, reputable companies and organizations are evidence of a solid skill set. In Joe's experience, "The Microsoft certification coursework stands up as testing real knowledge." And from the information security perspective, Randy believes that "In IT, the devil is in the details. Therefore, a vendor security certification such as MCSE: Security or Certified Information Systems Security Professional (CISSP) can show that you thoroughly understand the security aspects of a given product."
According to Joe, the difference between holding an obscure certification and one that's widely recognized is one of "critical mass. "When a large group of people hold a particular certification from a recognized organization, a critical mass develops in that certification and creates value."
Put It Together
If you want to be certified and aren't sure where to start, what should you do? Joe recommends choosing a certification according to a technology you want to work with or are already working with. If you want to get into a certain technology, earn one of that technology's entry-level certifications to give you a base of skill and experience from which to grow. If you're already working in that technology, earn a higher-level certification to both solidify and expand on the experience you've already gained. If you're just starting out as an IT professional, Joe suggests choosing a certification according to the area you want to specialize in.
In my next column, I'll delve deeper into certification from a certification holder's point of view and let you know how some IT pros use certification to their advantage. And I'll respond to a reader letter about the dilemma of needing experience for certain certifications but not being able to gain the experience without the certification.