News

Security Competency Gets Revamped

Microsoft revises Partner Competency, splitting it into two tracks for technical implementers and security management partners.

As a response to partners seeking help from Microsoft in its never-ending battle to keep customers secure, Microsoft Corp. says it has restructured the Security Solutions competency into two specializations with revised requirements.

In the process, Microsoft also sought an assist from outside its walls, partnering with two key security groups, the Information Systems Audit and Control Association (ISACA) and the International Information Systems Security Certification Consortium ((ISC)2).

Microsoft says it has taken a "technology agnostic" approach within its Security Solutions competency, splitting it into two specializations that address technical issues and the other that looks at security policy and risk management, governance, and auditing.

"Whether you’re working with Microsoft technology or providing security products, services or solutions — across the enterprise we want them to have a home in this program," said Thomas Dawkins, a group product manager involved in developing the security partner strategy, through a statement.

The technical track, Infrastructure Security, focuses on a partner's ability to implement and administer security measures to its customers. As part of the specialization's fulfillment, partners must have two employees on their staff who've earned IT security certifications. Microsoft this time around has tweaked the requirements: Rather than requiring staffers to both possess an MCSE: Security certification, Microsoft has added third-party certifications onto the requirements list.

Two of those certifications come from the (ISC)2, a vendor-supported security industry group that includes Microsoft among its board: Certified Information Systems Security Professional (CISSP) and Systems Security Certified Practitioner (SSCP).

Two others come from ISACA, an independent group who focuses on standards, IT governance, risk management and auditing: Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM).

Employees who use those certifications toward fulfillment must also have passed Microsoft's exam 70-299: Implementing and Administering Security in a Microsoft Windows Server 2003 Network.

The other track targets a different kind of partner, one that Microsoft says is focused on providing security management services to its customers. The Security Management specialization, therefore is less technical and, in fact, doesn't require an MCSE: Security. Instead, the specialization requires two employees who've earned a CISSP, CISA, or CISM and have passed Microsoft exam 70-298: Designing Security for a Windows Server 2003 Network.

Both tracks also require three documented, security solutions-oriented customer references.

For details on the changes, go to https://partner.microsoft.com/global/competency/securitysolutions/40017158. To find out more about ISACA, go to http://www.isaca.org/. More on (ISC)2 can be found at https://www.isc2.org/.

About the Author

Michael Domingo has held several positions at 1105 Media, and is currently the editor in chief of Visual Studio Magazine.

Featured

  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

  • Windows 10 Version 1809 Users May Get Visual Studio Crashes

    Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

  • Standardizing the Look of Outlook's Outbound Messages

    Microsoft typically gives users a blank canvas to compose new e-mails in Outlook. In some corporate environments, however, a blank canvas isn't a good thing.

  • Windows 10 'Semiannual Channel Targeted' Goes Away This Spring

    Microsoft plans to slightly alter its Windows servicing lingo and management behavior with its next Windows 10 operating system feature update release, coming this spring.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.