From The Editor | April 21, 2009

CompTIA Unveils Business Accreditation Offerings

MJ Shoer, president and virtual CTO for Jenaly Technology Group, is among the first wave of VARs to earn the newly unveiled CompTIA Security Trustmark accreditation, a vendor-neutral, business-level accreditation for solutions providers. He has always felt strongly that VARs needed a way to differentiate themselves from fly-by-night IT operations that can create insurmountable objections in the minds of customers burnt by poor advice and service — and he sees the new CompTIA Trustmark program as a great starting point. “There is no barrier for someone to hang out a shingle and say — hey, I provide IT services — and that hurts our industry,” says Shoer, who, for full disclosure, is a former member of the CompTIA board. “This program provides us something similar to a Good Housekeeping seal of approval or the Underwriters Laboratories (UL) tag.” He says that as a customer, it is nice to have something that levels the playing field, especially since the market is so confusing with a lot of choices — both technologies and solutions providers. “It is hard to qualify those choices so that you, as a customer, know you are making a good decision. This changes that, it sets the standard.”

It was during a February meeting I attended with CompTIA’s new leadership team that Robert Biddle, VP of member programs, hinted about a new education/best practices offering from the organization, now formally titled the Trustmark program. Launched just this year, the organization now offers the Security Trustmark, and has plans to roll out additional accreditation programs in other technology fields. Under the direction of Earle Humphries, the Trustmark program was developed to help to both establish and continually update the best practices standards of security solutions providers, all with the support of technology vendors such as Microsoft, McAfee, and Symantec. “Our goal is to provide a business-level accreditation rather than a vendor’s technology certification credentials,” explains Biddle. The outcome for solution providers is a neutral stamp of approval that assures both potential vendor partners and customers that the solutions provider is qualified, maintain best practices, and is dedicated to positive customer service relationships. So far, more than a dozen resellers and managed services providers have already tackled the accreditation process, which evaluates a company on the following criteria:
  • Business continuity planning
  • Access management
  • Incident management
  • Personnel security
  • Security awareness and training
  • Data protection
  • Technical infrastructure
  • Partner management
  • Physical/environmental security
  • Compliance
  • Service delivery

In Shoer’s opinion, the outcome benefits a VAR on two levels. “I think the process they put together is outstanding; it was the first experience we’ve ever had with something like that and it was eye opening,” says Shoer. “It was good to look at all those elements of your business from a critical perspective, not only to identify where your doing things well, but to close the gaps you find.” An important element of the Trustmark program is its clear explanation of what is necessary to remediate deficiencies if your business does not pass the initial audit.

Additionally, Shoer says, “As a business owner, this is a differentiator — it sets us it apart, and it shows we have invested the resources in validating what we sell and what we say.”

For more on the Trustmark program, visit