When you’re choosing a new IT partner, accreditations and certifications are something you may look at to help you separate potential new providers.
But not all accreditations are created equal!
If you don’t have a background working in IT, you probably won’t understand the differences between all of the various accreditations.
Don’t make the mistake of assuming that more accreditations are better! A long list of accreditations is great, but some are much harder to acquire and therefore worth a lot more to you, the potential clients!
Some of the badges you see on a potential new IT partner’s website simply refer to a particular brand of hardware product, and all they mean is that that company is authorised to sell the product.
What does it take to get authorised? In some cases, not much!
In other cases, such as with Microsoft accreditations, the company is required to train its engineers to pass specific Microsoft exams (which are no walk in the park). In order to display some of these accreditations, the company must also prove that they support a certain number of customers using these solutions.
The top accreditations to look for:
Microsoft Gold Partner
If you use Microsoft systems and applications, make sure your new provider is a Microsoft Gold partner. Make sure they are GOLD and not just a Microsoft “certified partner”, “registered partner” or “silver partner”. These accreditations are much easier to obtain and do not require such a high level of expertise or experience with Microsoft systems.
- Gold partners must employ Microsoft Certified Professionals (MCPs).
- Gold partners must attain Microsoft Competencies, for example in “Cloud Productivity”, “Windows and Devices”, “Application Development” and many others.
- Obtaining competencies requires staff to study and pass specific exams relating to that competency.
- Obtaining competencies also requires the company to provide the relevant solutions to a specified number of customers.
- At least 2 competencies must be obtained in order to be a Gold Partner.
ISO 27001
ISO 27001 is a certification relating to information security management systems. To obtain this accreditation, a company must be audited once a year by an external auditor who will inspect the company’s premises and practices to ensure compliance with a rigorous set of standards relating to data security.
Only companies who take the necessary steps to ensure data security can obtain this accreditation.
Cyber Essentials
The cyber essentials certification requires companies to prove that they are taking necessary steps to prevent cyber-attack and protect data.
Companies with the cyber essentials accreditation will have proven to an external accreditor that they have followed all cyber security best practices.
There are many requirements to achieve this accreditation, but just a few of them are:
- Installing firewalls.
- Ensuring strong passwords are used.
- Ensuring cyber security solutions are configured for maximum protection.
- Having a corporate policy relating to safe use of IT and use of data that is enforced across the company.
- Ensuring security and event logs are maintained on all equipment.
- Ensuring tight access controls on user accounts.
- Ensuring administrative accounts are only given to those who truly need them, and passwords for these accounts change every 30 days.