Strategic CIO // IT Strategy
Commentary
6/9/2014
09:01 AM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Provider Accreditations: Do They Matter?

Although accreditations get a bad rap and are no guarantee of service quality, they can offer insight into what a provider deems important.

If you spend any time shopping for enterprise-class ISPs, co-location companies, cloud hosting vendors, and other service providers, you know that most of them are quick to rattle off their various accreditations.

Although accreditations get a bad rap and are no guarantee of service quality, they can offer insight into what a provider deems important and the types of customers it's targeting, helping customers gauge whether the provider is a good fit.

Accreditations let potential customers quickly differentiate the focus and ambitions of the service provider. For example, those that hold and proudly promote a Tier-level certification from The Uptime Institute are appealing to customers that seek highly available services. Providers that show off their CSA STAR (Security Trust and Assurance Registry) accreditation are focused on protecting customer data from security breaches. Other accreditations, such as those from the Open Compute Project, focus on systems interoperability.

But I must reemphasize: Simply having an accreditation is in no way a guarantee that the service provider will actually be able to follow through with what the accreditation stands for. Architecture discrepancies, misconfigurations, and other variables can throw off actual results.

Many a provider complicates matters by touting a wide range of accreditations. So how do you know where its true focus lies? Keep your needs close to the vest, while letting the service provider's sales team pitch their services to you. Which accreditations do the sales reps bring up early and often without any guidance from you? Usually, these are the accreditations the provider is focused on.

If you think industry accreditations and certifications are useless, think again. While I agree that an accreditation offers zero assurance that the provider is any better than another without this seal of approval, it can give an indication of whether the provider is a good fit for your needs.

Find out how a government program is putting cloud computing on the fast track to better security. Also in the Cloud Security issue of InformationWeek Government: Defense CIO Teri Takai on why FedRAMP helps everyone.

Andrew has well over a decade of enterprise networking under his belt through his consulting practice, which specializes in enterprise network architectures and datacenter build-outs and prior experience at organizations such as State Farm Insurance, United Airlines and the ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
SaneIT
50%
50%
SaneIT,
User Rank: Ninja
6/10/2014 | 7:18:32 AM
Re: Mismatches?
I don't think you assume that anything they don't mention is lacking.  Since each service is going to focus on why they went into business you're going to see some services downplayed.  The co-location site that I'm in was very low key about everything, it is small, they don't advertise, accounts are limited to customers of a specific ISP, but when I started asking questions I was amazed at what I was getting.  The site existed because a very large customer wanted an incredibly secure site for very sensitive information, since they had the space they decided to let some other customers rent racks.  They didn't really sell the site because it is not their primary offering.  Before I moved into this site I was with one that sold themselves on their connectivity.  They sat in a great spot that every telco in the area had access to but aside from their connectivity they had great physical security, incredible network guys and I never had a single problem with them.  I only moved because I could get my site space for free.
Curt Franklin
50%
50%
Curt Franklin,
User Rank: Strategist
6/9/2014 | 4:47:56 PM
A question of trust...
Andrew, this is a really thought-provoking post, but it leads to a question: If you can't trust the certificate to indicate that a service provider will deliver on their promise, how can you trust the certificate to be a reliable indicator of intent? What's the proper level of trust for such things?

I know that there are many degrees of trust -- I'm just very interested in what degree we might assume, and whether there are any general indicators for when that trust degree should rise or fall.
David Wagner
50%
50%
David Wagner,
User Rank: Strategist
6/9/2014 | 4:18:03 PM
Mismatches?

@Andrew- I think you've got a good way of pushing through the sales fluff. But here's a question-- what do you do with a company that seems to fit your needs but they don't emphasize the types of credentials you are looking for? Do you think if you ask at that point it is too late to get an honest answer? So say security is your biggest need and the sales pitch emphasizies interoperability. Do you chalk that up as not a fit or just a sign that the sales team doesn't get security is your biggest need?
<<   <   Page 2 / 2
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.