sil wrote:Your doctor whom you trust most is about to perform life or death surgery on you. How would you feel it the hospital board simply said: "Trusted, I see your certificate" without ever determining whether this Dr went to med school? In the industry of say government contractors, this is exactly what is happening. Voodoo security doctors. All paper based with no experience. As a taxpayer it costs both you and I more when taxes are raised.
I always loved the quote/saying
"A student who graduates med school with a C average is still a doctor" or something of that effect.
Certs help hiring managers and HR feel warm and fuzzy. It documents that someone is SUPPOSE to adhere to an ethical code in some cases (ISC2, GIAC, etc...). I agree they are great for helping you get in the door. I also agree that they help prove that you have taken the time to invest in your career. After all we should be doing this because we love it not because it makes us good money. I always like to say that the money is a perk for doing something I love.
I don't agree with companies forcing their staff to obtain certs just to say our staff is certified. The only exception are vendor partners. Many vendors require their partners to hold a certain level of certifications. If a conulting company is a Microsoft Gold partner, then they need to have a certain amount of MCITPs, MCSEs, MCPs etc... Now what I don't agree with is making the current employees flip the bill themselves for certification exams and training, reimbursement is fine, but offering to pay for training up front is better. This shows the company wants to invest in you and your abilities as much as you do.
My last job the CIO or CEO (not sure who made the ultimate call in the end) decided that they would take the advice of a hack consulting firm who recommended that they have fully certified staff for their internal tech support. This prompted a full review of the current operations of the technical support department and eventually lead to the decision to outsource our duties to contractors. They began by bringing in a number of consultants to "help" with planning our enterprise projects. It consisted of project manager with a CISSP but no relevant experience related to the projects and another person who again had no real experience. But hey they are certified so all is well right? Then they began bringing in consultants to help fill the help desk seats. Again no relevant experience but they were certified. Supposedly they had someone coming in experienced with our Patch management system, alas, that was a myth. Neither of the consultants even heard of it. 2 days later after I resigned, I got a call to work a 2 week contract in the city for the exact system. I had to chuckle. So they brought in all these consultants to replace the 8 fully qualified full timers, user issues are falling by the wayside, nothing is getting done and overall moral is crap. But hey, its ok, they are all certified.
Ok one more good one, they didn't even vet these consultants, one was coming in stinking like alcohol every day, he was eventually let go.
Certs are important, I enjoy going for the ones that will benefit my knowledge rather than fill a quota. When I finally did take my first SANS course, I thought it was excellent! For one it forced me to study, otherwise I get distracted when I try to self study and for two, I got to learn some things I didn't know. Its also nice to gauge my success and even better utilize what I learned. Just wish the SANS classes would have some form of student loan program, you are not always lucky to find an employer who will dole out 3500 for a 6 day course. I also agree that certs do not make the individual.