TrustMark: Putting a Seal on Security Practices - Steep Climb Ahead for TrustMark (
Page 2 of 2 )
The intent of this accreditation is to give security solution providers a
marketing tool that differentiates them from the competition. In other words,
if you have a TrustMark plaque in your lobby and your competitor down the
street doesn't, you'll win more business. It's an interesting theory, but
several things must happen for this to work well.
First, CompTIA needs to provide a greater level of integrity for the
accreditation process. Its organizers admit that they've automated as much of
the process as possible, but there's still a human element that must interact
with these solution providers and ensure that they are what they say they are
and have the best practices that reflect value in the marketplace.
Defining what "accreditation" means to both the solution provider
and the end user will be tricky and necessary. TrustMark is not a
certification, which means CompTIA is making no guarantees about a solution
provider's technical competencies, capacities or service quality. And it's an
accreditation not of a solution provider's record in delivering security
products and services, but of its own internal practices. These are important
distinctions, since the end user will tend to read too much into the meaning
and, potentially, assign it the same value as a Better Business Bureau rating
or Underwriters Laboratories test.
TrustMark is new and will require several degrees of critical mass to work.
CompTIA will have to work hard to get enough solution providers to accept the
accreditation to make it meaningful in the channel community. Ultimately,
though, it's the acceptance of end users that will make the real difference.
Putting another seal on a proposal won't make much difference to customers if
they don't recognize TrustMark as a symbol of value and integrity.
The CISSP is a vaunted certification because the industry, as a whole, has
accepted the rigid process for becoming a CISSP and that it truly reflects
superior knowledge and practices by the individual practitioners. TrustMark
will need that same level of acceptance for it to make a difference in the
marketplace, and that will require CompTIA and its supporting vendors and
solution providers to undertake extensive brand marketing. That's a very
expensive and protracted proposition. Early adopters may not find TrustMark to
be a marketing differentiator for some time.
Overall, TrustMark is a pretty good concept and CompTIA is one of the best
candidates in the channel to make an organization security accreditation
possible. Considering that security remains the hottest and most profitable
technology in the channel, according to Channel Insider research, having an
accreditation could help solution providers seal more and bigger deals.
CompTIA knows it has a steep climb ahead to make TrustMark seen as a
trustworthy, viable and compelling accreditation by both solution providers and
end users. On this foundation, it's possible the day may come when all security
solution providers will have to have TrustMark on the letterhead.
Lawrence M. Walsh is vice president and group publisher of
Channel Insider. He can be reached at lawrence.walsh@ziffdavisenterprise.com.
Commentary 
