Business Solutions Drive Redmond's Latest CompetencyBy John Hazard | Posted 2005-11-30 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Microsoft recrafts its security competency to fit into partners' business setsmolding the program around business solutions and even allowing for a vendor neutral approach.
Microsoft Corp. unveiled this week a revised Security Solutions Competency constructed around solution building and a vendor neutral approach to the security ecosystem.
Microsoft executives and partners said the refurbished program is driven by solution building expertise, not just mastery of Microsoft technology, as it applies in the security environment alongside multiple vendors and business problems, a first among Microsoft's 13 competencies.
Previous security competencies dealt only with expertise in Microsoft applications and products, which discouraged participation among partners that dealt with broader security concerns.
"We're dealing with security as a business solution, the way partners deal with it," said Thomas Dawkins, security group product manager and the executive responsible for Microsoft's security partner strategy.
"We don't live in a vacuum and nobody just installs Microsoft applications and says 'I don't know how to integrate it with the rest of your system.'"
The latest program involves broader knowledge of security problems and solution building, including multiple vendor solutions, two new specializations, security management and infrastructure security.
The program also includes third party certification from ISC2 (International Information Systems Security Certification Consortium Inc.) or ISACA (Information Systems Audit and Control Association), as well as ongoing resources such as security alerts with granular guidance, and support for partners building a security practice.
The solution approach to the competency is unique among the software maker's 13 competencies, but Dawkins said it is an approach the company is interested in duplicating across the board.
Microsoft's security business through partners has grown 18 percent year to year. Dawkins added that he would like to see that reach 25 percent.
To spark security business further, Microsoft intends to unveil additional benefits and resourcesincluding margin breaks and cash incentivesthis January and February, Dawkins said.
Partners said the new approach will help drive innovative solutions and new business.
"From the customer perspective, our customers are typically not asking for us to implement Microsoft technology, but rather they are asking for solutions to a business problem that incorporates Microsoft technology," said Jeff Aliber, global director of security solutions management at Unisys Corporation, a Microsoft security partner.
"(Microsoft) recognized that they're not the only player in the environment. They're helping develop solutions that are oriented around their technology, but are cognizant of living in a larger world. It puts partners in the position to say 'I have the appropriate credential, I am who you should be calling.'"
The certification by ISC2 and ISACA also offers further legitimacy and something to advertise, partners said.
Under the previous system, most partners ignored the competency as irrelevant to their reality, Dawkins and partners acknowledged. Of Microsoft's thousands of security VARs and SIs, only a few hundred participated.
"Previously we didn't see any value in it. We didn't see any reason to expend any initiative toward it, so we ignored it," said Brad Gleason, vice president of alliances at Getronics NV, a security partner. "The program wasn't really relevant to what we were doing in the market."
In devising the program revision, Microsoft took a step partners said they found encouragingthey asked them.
Microsoft polled, questioned and researched partners and their daily activities in security sector, Dawkins and partners said.
"We knew something was broke and needed fixing," he said. "We went and we asked 'what is it you're working on? How does it relate to (the competency)?'"
"We found our certifications didn't really apply," he said. "I mean, what does a test on Microsoft's technology really say or do for you? So we made it relevant."