February 21, 2009

More email security tips

    side effects cialis class=”postData”>

  • Date: November 11th, 2008
  • Author: Chad Perrin

Email security is about a lot more than just using a good password on your POP or IMAP server. Perhaps the most important part of email security is ensuring you don’t shoot yourself in the foot.


In February this year, I listed five basic email security tips that everyone should employ. The following is a list of five more good pieces of email security advice:

  1. Turn off automated addressing features. As communication software accumulates more and more automated convenience features, we’ll see more and more cases of accidentally selecting the wrong recipients. A prime example is Microsoft Outlook’s “dreaded auto-fill feature“, where it is all too easy to accidentally select a recipient adjacent to your intended recipient in the drop-down list. This can be particularly problematic when discussing private matters such as business secrets.
  2. Use BCC when sending to multiple recipients. It’s a bad idea, from a security perspective, to share email addresses with people who have no need for them. It is also rude to share someone’s email address with strangers without permission. Every time you send out an email to multiple recipients with all the recipients’ names in the To: or CC: fields, you’re sharing all those email addresses with all the recipients. Email addresses that are not explicitly meant to be shared with the entire world should, in emails addressed to multiple recipients, be specified in the BCC: field — because each person will then be able to see that he or she is a recipient, but will not be able to see the email addresses of anyone else in the BCC: field.
  3. Save emails only in a safe place. No amount of encryption for sent emails will protect your privacy effectively if, after receiving and decrypting an email, you then store it in plain text on a machine to which other people have access. Sarah Palin found out the hard way that Webmail providers don’t do as good a job of ensuring stored email privacy as we might like, and many users’ personal computers are not exactly set up with security in mind, as in the case of someone whose MS Windows home directory is set up as a CIFS share with a weak password.
  4. Only use private accounts for private emails. Any email you share with the world is likely to get targeted by spammers — both for purposes of sending mail to it and spoofing that email address in the From: field of the email headers. The more spammers and phishers spoof your email address that way, the more likely your email address is to end up on spam blocker blacklists used by ISPs and lazy mail server sysadmins, and the more likely you are to have problems with your emails not getting to their intended recipients.
  5. Double-check the recipient, every time — especially on mailing lists. Accidentally replying directly to someone who sent an email to a mailing list, when you meant to reply to the list, isn’t a huge security issue. It can be kind of inconvenient, though, especially when you might never notice your email didn’t actually get to the mailing list. The converse, however, can be a real problem: if you accidentally send something to the list that was intended strictly for a specific individual, you may end up publicly saying something embarrassing or, worse, accidentally divulging secrets to hundreds of people you don’t even know.
Permalink • Print • Comment

Basic e-mail security tips

  • Date: February 25th, 2008
  • Author: Chad Perrin

There’s a lot of information out there about securing your e-mail. safe cialis Much of it is advanced and doesn’t apply to the typical end user. Configuring spam filters such as SpamAssassin, setting up encrypted authentication on mail servers, and e-mail gateway virus scanner management are not basic end-user tasks.

When one can find end-user e-mail security tips, they’re usually specific to a single mail client or mail user agent such as Microsoft Outlook, Mozilla Thunderbird, or Mutt. This sort of information is of critical importance to many users of these applications, but there are few sources of more general security information for e-mail users that aren’t specific to a given client application.

The following is a short list of some important security tips that apply to all e-mail users — not just users of a specific application. They are listed in the order one should employ them, from the first priority to the last. This priority is affected not only by how important a given tip is, but also by how easy it is to employ; the easier something is to do, the more likely one is to actually do it and move on to the next tip.

  1. Never allow an e-mail client to fully render HTML or XHTML e-mails without careful thought. At the absolute most, if you have a mail client such as Microsoft Outlook or Mozilla Thunderbird that can render HTML e-mails, you should configure it to render only simplified HTML rather than rich HTML — or “Original HTML” as some clients label the option. Even better is to configure it to render only plain text. When rendering HTML, you run the risk of identifying yourself as a valid recipient of spam or getting successfully phished by some malicious security cracker or identity thief. My personal preference is, in fact, to use a mail user agent that is normally incapable of rendering HTML e-mail at all, showing everything as plain text instead.
  2. If the privacy of your data is important to you, use a local POP3 or IMAP client to retrieve e-mail. This means avoiding the use of Web-based e-mail services such as Gmail, Hotmail, and Yahoo! Mail for e-mail you wish to keep private for any reason. Even if your Webmail service provider’s policies seem sufficiently privacy-oriented to you, that doesn’t mean that employees won’t occasionally break the rules. Some providers are accused of selling e-mail addresses to spamming “partners.” Even supposedly security-oriented Webmail services such as Hushmail can often be less than diligent in providing security to their users’ e-mail.
  3. It’s always a good idea to ensure that your e-mail authentication process is encrypted, even if the e-mail itself is not. The reason for this is simple: You do not want some malicious security cracker “listening in” on your authentication session with the mail server. If someone does this, that person can then send e-mails as you, receive your e-mail, and generally cause all kinds of problems for you (including spammers). Check with your ISP’s policies to determine whether authentication is encrypted and even how it is encrypted (so you might be able to determine how trivial it is to crack the encryption scheme used).
  4. Digitally sign your e-mails. As long as you observe good security practices with e-mail in general, it is highly unlikely that anyone else will ever have the opportunity to usurp your identity for purposes of e-mail, but it is still a possibility. If you use an encryption tool such as PGP or GnuPG to digitally sign your e-mails, though, recipients who have your public key will be able to determine that nobody could have sent the e-mail in question without having access to your private key — and you should definitely have a private key that is well protected.
  5. If, for some reason, you absolutely positively must access an e-mail account that does not authorize over an encrypted connection, never access that account from a public or otherwise unsecured network. Ever. Under any circumstances.

Be aware of both your virtual and physical surroundings when communicating via e-mail. Be careful. Trust no one that you do not absolutely have to trust, and recognize the dangers and potential consequences of that trust.

Your e-mail security does not just affect you; it affects others, as well, if your e-mail account is compromised. Even if the e-mail account itself is not compromised, your computer may be if you do not take reasonable care with how you deal with e-mails — and that, in turn, can lead to affecting both you and others adversely as well.

Don’t be a victim.

Permalink • Print • Comment

10 mistakes new Windows administrators make

  • Date: December 15th, 2008
  • Author: Debra Littlejohn Shinder

Whether you’re new to network administration or to the Windows environment, a few common oversights and mistakes can trip you up. Deb Shinder explains how to avoid some of the problems new Windows admins often encounter.


Maybe you’re a brand new network admin. You’ve taken some courses, you’ve passed some certification exams, perhaps you even have a Windows domain set up at home. But you’ll soon find that being responsible for a company network brings challenges you hadn’t anticipated.

Or maybe you’re an experienced corporate IT person, but up until now, you’ve worked in a UNIX environment. Now — either due to a job change or a new deployment in your current workplace — you find yourself in the less familiar world of Windows.

This article is aimed at helping you avoid some of the most common mistakes made by new Windows administrators.

Note: This information is also available as a PDF download.

#1: Trying to change everything all at once

When you come into a new job, or start working with a new technology, you may have all sorts of bright ideas. If you’re new to the workplace, you immediately hone in on those things that your predecessors were (or seem to have been) doing wrong. You’re full of all the best practices and tips and tricks that you learned in school. If you’re an experienced administrator coming from a different environment, you may be set in your ways and want to do things the way you did them before, rather than taking advantage of features of the new OS.

Either way, you’re likely to cause yourself a great deal of grief. The best bet for someone new to Windows networking (or to any other job, for that matter) is give yourself time to adapt, observe and learn, and proceed slowly. You’ll make your own job easier in the long run and make more friends (or at least fewer enemies) that way.

#2: Overestimating the technical expertise of end users

Many new administrators expect users to have a better understanding of the technology than they do. Don’t assume that end rx cialis low price users realize the importance of security, or that they will be able to accurately describe the errors they’re getting, or that they know what you mean when you tell them to perform a simple (to you) task such as going to Device Manager and checking the status of the sound card.

Many people in the business world use computers every day but know very little about them beyond how to operate a few specific applications. If you get frustrated with them, or make them feel stupid, most of them will try to avoid calling you when there’s a problem. Instead they’ll ignore it (if they can) or worse, try to fix it themselves. That means the problem may be far worse when you finally do become aware of it.

#3: Underestimating the technical expertise of end users

Although the above applies to many of your users, most companies will have at least a few who are advanced computer hobbyists and know a lot about technology. They’re the ones who will come up with inventive workarounds to circumvent the restrictions you put in place if those restrictions inconvenience them. Most of these users aren’t malicious; they just resent having someone else in control of their computer use — especially if you treat them as if they don’t know anything.

The best tactic with these users is to show them that you respect their skills, seek out their input, and let them know the reasons for the rules and restrictions. Point out that even a topnotch racecar driver who has demonstrated the ability to safely handle a vehicle at high speed must abide by the speed limits on the public roads, and it’s not because you doubt his/her technology skills that you must insist on everyone following the rules.

#4: Not turning on auditing

Windows Server operating systems have built-in security auditing, but it’s not enabled by default. It’s also not one of the best documented features, so some administrators fail to take advantage of it. And that’s a shame, because with the auditing features, you can keep track of logon attempts, access to files and other objects, and directory service access.

 Active Directory Domain Services (AD DS) auditing has been enhanced in Windows Server 2008 and can be done more granularly now. Without either the built-in auditing or third-party auditing software running, it can be almost impossible to pinpoint and analyze what happened in a security breach.

#5: Not keeping systems updated

This one ought to be a no-brainer: Keeping your servers and client machines patched with the latest security updates can go a long way toward preventing downtime, data loss, and other consequences of malware and attacks. Yet many administrators fall behind, and their networks are running systems that aren’t properly patched.

This happens for several reasons. Understaffed and overworked IT departments just may not get around to applying patches as soon as they’re released. After all, it’s not always a matter of “just doing it” — everyone knows that some updates can break things, bringing your whole network to a stop. Thus it’s prudent to check out new patches in a testbed environment that simulates the applications and configurations of your production network. However, that takes time — time you may not have.

Automating the processes as much as possible can help you keep those updates flowing. Have your test network ready each month, for instance, before Microsoft releases its regular patches. Use

Windows Server Update Services (WSUS) or other tools to simplify and automate the process once you’ve decided that a patch is safe to apply. And don’t forget that applications — not just the operating system — need to be kept updated, too.

#6: Getting sloppy about security

Many administrators enforce best security practices for their users but get sloppy when it comes to their own workstations. For example, IT pros who would never allow users to run XP every day logged on with administrative accounts think nothing about running as administrators themselves while doing routine work that doesn’t require that level of privileges. Some administrators seem to think they’re immune to malware and attacks because they “know better.” But this over confidence can lead to disaster, as it does in the case of police officers who have a high occurrence of firearms accidents because they’re around guns all the time and become complacent about the dangers.

#7: Not documenting changes and fixes

Documentation is one of the most important things that you, as a network admin, can do to make your own job easier and to make it easier for someone else to step in and take care of the network in your absence. Yet it’s also one of the most neglected of all administrative tasks.

You may think you’ll remember what patch you applied or what configuration change you made that fixed an exasperating problem, but a year later, you probably won’t. If you document your actions, you don’t have to waste precious time reinventing the wheel (or the fix) all over again.

Some admins don’t want to document what they do because they think that if they keep it all in their heads, they’ll be indispensible. In truth, no one is ever irreplaceable — and by making it difficult for anyone else to learn your job, you make it less likely that you’ll ever get promoted out of the job.

Besides, what if you got hit by a truck crossing the street? Do you really want the company to come to a standstill because nobody knows the passwords to the administrative accounts or has a clue about how you have things set up and what daily duties you have to perform to keep the network running smoothly?

#8: Failing to test backups

One of the things that home users end up regretting the most is forgetting to back up their important data — and thus losing it all when a hard drive fails. Most IT pros understand the importance of backing up and do it on a regular schedule. What some busy admins don’t remember to do regularly is test those backups to make sure that the data really is there and that it can be restored.

Remember that making the backup is only the first step. You need to ensure that those backups will work if and when you need them.

#9: Overpromising and underdelivering

When your boss is pressuring you for answers to questions like “When can you have all the desktop systems upgraded to the new version of the software?” or “How much will it cost to get the new database server up and running?”, your natural tendency may be to give a response that makes you look good. But if you make promises you can’t keep and come in late or over budget, you do yourself more damage than good.

A good rule of thumb in any business is to underpromise and overdeliver instead of doing the opposite. If you think it will take two weeks to deploy a new system, give yourself some wiggle room and promise it in three weeks. If you’re pretty sure you’ll be able to buy the hardware you need for $10,000, ask for $12,000 just in case. Your boss will be impressed when you get the project done days ahead of time or spend less money than expected.

#10: Being afraid to ask for help

Ego is a funny thing, and many IT administrators have a lot invested in theirs. When it comes to technology, you may be reluctant to admit that you don’t know it all, and thus afraid — or embarrassed — to ask for help. I’ve know MCSEs and MVPs who couldn’t bear to seek help from colleagues because they felt they were supposed to be the “experts” and that their reputations would be hurt if they admitted otherwise. But plunging ahead with a project when you don’t know what you’re doing can get you in hot water, cost the company money, and even cost you your job.

If you’re in over your head, be willing to admit it and seek help from someone more knowledgeable about the subject. You can save days, weeks, or even months of grief by doing so.

Permalink • Print • Comment

How do I… Add music and narration to a PowerPoint presentation?

  • Date: March 4th, 2008
  • Author: Susan Harkins

The best presentations engage the audience using a number of creative tools. Sound effects, such as music and voice recordings can mean the difference between a good presentation and an outstanding presentation. You can energize your audience with a quick tempo, play your company’s latest jingle, or add narration to an on-demand presentation. At the very least, you can play music at the beginning and ending of a presentation as the audience enters and leaves the room. The only limits are good taste and your imagination.

This blog post is also available in PDF form as a TechRepublic download.

About sound files

Microsoft PowerPoint supports media clips, which include sound and video files. The computer playing your presentation will need a sound card and speakers. That doesn’t mean just the system you use to create the presentation, but any system on which you might play the presentation. Today, most systems come with everything you need, but older systems might need an upgrade. (It’s highly unlikely that you’ll encounter such an old system, but don’t rely on that — check it out first!)

Table A lists the media files PowerPoint supports, although this article deals only with sound files.

Table A: Media support

File

Explanation

Attributes

MIDI Musical Instrument Digital Interface Sound
WAV Microsoft Windows audio format Sound
MPEG Motion Picture Exerts Group Standard video format with a constant frame per second rate
AVI Microsoft Windows video format Video format with a constant frame rate per second
GIF Graphical Interface Format 256 color picture that supports animation.

Like most special effects, sound can catch the attention of your audience and convey a message or emotion in a way words or pictures can’t. On the other hand, used poorly, sound can be distracting or even annoying. As always, your purpose will determine how much, if any, sound your presentation needs.

The basics — inserting sound

Including sound is as simple as selecting a file:

Use existing clips by double-clicking one of the Title, Text and Media Clip layouts from the Slide Layout task pane. Double-click the media clip icon shown in Figure A to launch the Media Clip dialog box.

Figure A

Choose a media slide from the Slide Layout task pane

When you double-click a WAV or MIDI file, PowerPoint displays the prompt shown in Figure B. The options Automatically and When Clicked are self-explanatory.

Figure B

PowerPoint will play the sound file when the slide is current, or you can click the icon to play it

Work with unique sound files by choosing Movies and Sound from the Insert menu and then selecting Sound From File or Sound From Clip Organizer. You can also record sound or play a track from a CD. After selecting a file, PowerPoint prompts you to specify how to execute the file (see Figure B).

If PowerPoint doesn’t support a clip’s format, choose Object from the Insert menu and choose the appropriate object type. Alternately, you can convert the file to a supported type. Use a search engine to search for “video file conversion.” However, don’t be surprised if the converted file is less than satisfactory. It’s difficult to maintain quality when converting media files.

In PowerPoint 2007, you’ll find the Sound option in the Media Clips group on the Insert tab.

PowerPoint displays a sound clip as a small icon, which shows during Slide Show view. When the presentation plays the clip automatically, you might want to hide the icon. There’s really no good reason to display it.

To hide the icon, right-click the icon and choose Edit Sound Object from the resulting submenu. In the Sound Options dialog box, shown in Figure C, check the Hide Sound Icon During Slide Show option, and click OK. Double-click the icon in PowerPoint 2007 to find these options.

Figure C

Edit the file’s attributes

If you choose the click option, it’s worth mentioning that clicking the icon a second time doesn’t disable the sound — the file plays from beginning to end once you click it. In PowerPoint 2007, clicking the icon restarts the file.

To learn just how long a file lasts, right-click the icon and choose Edit Sound Object. The file’s playing time is in the Information section at the bottom (see Figure C). If you want the file to play continuously, while the slide is current, check the Loop Until Stopped option. Moving to the next or previous slide will cancel the loop.

Narrating a presentation

To record a unique sound or message, you’ll need a microphone. Unfortunately, some microphones that come with today’s systems aren’t very sophisticated. If you record someone talking, it may sound distorted when played. Suddenly, you may have a lisp or an accent! Specialized software can clear up some problems, but they’re expensive and that’s just one more piece of software you’ll have to learn. It might be more efficient to invest in a better microphone.

PowerPoint makes it easy to narrate a presentation, which is a plus in a Web-based, automated, or on-demand presentation. You might also use this feature to include a statement from an individual, such as a celebrity or your company’s CEO.

Don’t jump right into recording. First, write a script and rehearse it. Once you’re comfortable with your speaking part, you can record your narration:

  1. Choose Record Narration from the Slide Show menu to open the Record Narration dialog box. In PowerPoint 2007, this option is in the Set Up group on the Slide Show tab.
  2. Click Set Microphone Level to check your microphone. Read the sentence that appears in the Microphone Check dialog and let the Microphone Wizard adjust your microphone automatically. Click OK.
  3. If you need to adjust the quality to CD, radio, or telephone, click Change Quality to open the Sound Selection dialog box. Just remember that quality increases the file’s size. If file size is a concern, you may have to compromise quality just a bit.
  4. By default, PowerPoint stores the narration with the presentation. To store the sound file in a separate WAV file (in the same folder) check Link Narrations In. Click Browse to change the location of the separate WAV file, but use caution when doing so — only store the two separately when you have a good reason for doing so. If a sound file is over 50MB, you must link it.
  5. Click OK and start recording. As PowerPoint displays your presentation, you narrate just as you want the message played. Continue to narrate each slide until you’re done.
  6. At the end of the presentation, PowerPoint will prompt you to save the timings with each slide. This can be helpful if you didn’t get each slide just prescription cialis right and you need more practice.

Step five mentions linked files. If you’re using the same system to both create and show the presentation, linked files are fine, but not necessary. Linked files are a good choice if the sound files are large or if you plan to change the source file. By default, PowerPoint automatically links sound files that are larger than 100KB.

To change this setting, choose Options from the Tools menu, and then click the General tab and update the Link Sounds With File Size Great Than option. PowerPoint 2007 users will find this option by clicking the Office button, clicking the PowerPoint options button (at the bottom right) and then choosing Advanced. The option is in the Save section.

Use the Package for CD (PowerPoint 2003) or Pack And Go Wizard (PowerPoint 2002) to make sure you save linked files with the presentation. Names can be problematic: A linked file’s path name must be 128 characters or less.

More options

Narration is only one type of recoding you might consider. If you can record it, you can include it in your presentation. To record a single message or unique sound, choose Movies and Sound from the Insert menu and choose Record Sound. In PowerPoint 2007, this option is in the Sound option’s dropdown list, in the Media Clips group on the Insert tab.

In the resulting Record Sound dialog box shown in Figure D, enter a description and name. Click Record when you’re ready to begin. Click Stop when you’re done. Use Play to listen to the new recording. Click OK to save the sound with the presentation. Or, click Cancel to exit and try again. If you save a sound, it appears as an icon, which you can use anywhere in the presentation you like. Mix this capability with action settings for a unique effect. Just don’t over do it!

Figure D

You can record sounds inside PowerPoint

Playing a CD

Playing music is a great way to begin or end a presentation. However, the music doesn’t have to be a top 10 tune. It only needs to be appropriate. For example, you might play Mendelssohn’s Wedding March if your presentation is about catering receptions. Or, pleasing dinner music might be the way to go. It’s really up to you; just keep your audience in mind. To include a song from a CD, do the following:

  1. Insert the CD.
  2. From the Insert menu, choose Movies and Sound. Then, select Play CD Auto Track to open the Insert CD Audio dialog box. In PowerPoint 2007, choose Play CD Audio Track from the Sound option’s dropdown list. You’ll find this option in the Media Clips group on the Insert tab.
    • The Start At Time and End At Time fields let you capture just part of a track instead of using the entire track.
    • Use the Sound Volume button to control the audio’s volume.
    • Check the Hide While Not playing option in the Display Options section if you don’t want the audio’s icon to show when the music isn’t playing.
  3. Click OK when you’re done. PowerPoint lets you play the track by clicking or displaying the slide.

Like other sound files, Power Point displays a CD icon on the current slide. Just be careful that you don’t violate any copyright laws when including someone else’s music in your presentation.

A word on animation

You can use custom animation to control sound files to add a unique and creative dimension to your presentation. To get started, select a sound icon and display the Custom Animation task pane. PowerPoint offers a ton of options, and does a good job of disabling inappropriate choices for the selected clip.

Creating custom animation can be complicated and the truth is most presentations won’t need that much energy. However, the feature’s there and you might as well learn a bit about it. There’s an entire tab dedicated to animation in PowerPoint 2007. Click the Custom Animations option in the Animations group to create custom effects.

Design for effect

Multimedia files can liven up any presentation and sound is definitely part of that mix. You can play an appropriate tune or your company’s jingle. With one click, you can play your company’s latest radio ad for the head honchos. Whether you’re pitching a new product or sharing photos of your new baby, use sound to set the mood.

Permalink • Print • Comment

10 things you should know about Microsoft’s revised certification program

  • Date: December 15th, 2008
  • Author: Erik Eckel

Microsoft has made some fairly big changes to its certification program. If you’re in the midst of pursuing accreditation — or you’re thinking of heading down one of the new paths — check out this rundown of new features.


Microsoft’s products weren’t the only items receiving a makeover in 2008; certifications saw significant changes as well. In addition to several new tracks, Microsoft introduced some long-sought features to its accreditation program.

What prompted the changes? Redmond executives say IT managers indicated that the number and variety of credentials made it difficult to understand which best suited their organizations, while individuals pushed for accreditations that enabled them to better stand out.

Microsoft’s new generation of certifications aims to address these concerns with accreditations that more accurately measure and describe an individual’s real-world skills, making it easier for hiring managers to identify the specific talent they require. The changes kick in with the client and server products succeeding Windows Server 2003.

Keeping the changes straight can prove confusing. Here are 10 aspects of Microsoft’s revised certification program to help you get up to speed and make the right decisions.

Note: This information is also available as a PDF download.

#1: New logos can be customized

Whereas one icon was used in the past to denote a specific certification and potential broad area of expertise — such as with an MCP who could denote skill associated with anything from Windows 98 to Windows XP — the new-generation certifications feature customizable logos. While that may not seem like a big deal at first, it’s a major improvement for certified professionals seeking to differentiate themselves from others on their Web sites, their stationery, and their business cards, not to mention consultants’ advertising.

Legacy logos used for Microsoft Certified Systems Administrators (MCSAs), MCSEs, and others remain valid. But a new Logo Builder enables candidates earning new-generation credentials to denote their specific areas of expertise.

For example, a new Technology Specialist’s logo will feature the Technology Specialist logo on the icon’s left side. But space at the right-side will now be reserved to indicate the specific job role (such as server administrator versus enterprise administrator) or technology (Windows Server 2008 versus Microsoft Exchange Server 2007) the certification covers. This should help ensure that new-generation credentials are more easily understood and prove more relevant to the holder and to human resources staff, hiring managers, and IT departments.

#2: MCTs are affected

Changes to Redmond’s certification program affect Microsoft Certified Trainers (MCTs), too. While MCTs need not earn new-generation certification to maintain their current MCT status, many will find they must now earn new, specialized certifications to teach the new courses.

MCT competencies require only new Professional Series credentials; technical specialist credentials will not be necessary to serve as an MCT. However, Microsoft’s new generation certification paths require that their courses be taught by appropriately accredited instructors.

Instructor requirements must be met within 90 days of a Professional Series accreditation being introduced. MCTs who don’t meet the competency requirements in time will not be authorized to lead training courses until they earn the required certifications, at which point they will be reauthorized. You can find out more about MCT competencies on Microsoft’s Web site.

#3: Exams are changing

Certification candidates can expect big changes in exams, too. Microsoft claims the new Technology Specialist exams, for example, delve more deeply into the features, functions and how-to skills required to effectively manage product technologies. Redmond training staff always encouraged candidates to have real-world experience with the technologies they’re attempting to gain certification for; that hands-on expertise now becomes even more important.

In addition to other traditional certification preparation efforts, candidates will now be required to complete three weeks of comprehensive classroom training for some accreditations. Taking a page out of other vendors’ programs, some credentials (such as those within the Master Series path) now require also passing a hands-on lab examination. Others, such as those within the Architect Series path) require passing an oral examination presented by a board of certified architects.

All the new examination elements, along with more emphasis on exam security, are designed to add rigor and value to Microsoft certifications and increase relevance of the certs in the marketplace.

#4: You can maintain your current credential path

What should candidates do if they’re already working toward a different certification? Microsoft recommends IT professionals follow their current certification paths to completion, saying that the certification remains a relevant credential and upgrade options will be available.

Older certifications that did not carry retirement dates remain valid. Thus, there’s no need to renew an older credential (such as a Microsoft Certified Professional or MCSE accreditation) that didn’t retire.

If IT pros are worried that they may not be able to devote the time, energy, or resources to maintaining one of the new-generation certifications, they might want to consider refocusing their efforts to complete their current path. But the newer credentials are likely to provide greater distinction, so someone who has just begun a certification path might want to weigh migrating to the new certification path instead. For more information on Microsoft’s certification paths, see this overview.

#5: Existing certified pros are not automatically entered in new tracks

Those candidates already certified or working to complete a different certification path will find they are not automatically transferred or somehow migrated to the new credential program. The new-generation certifications constitute new training and exam methods, and many boast new lab or review board requirements. Those professionals interested in earning Microsoft accreditation must recognize the new tracks are just that: new tracks that require passing new and different exams.

#6: Second Shot enables free exam retakes

Another certification change is Microsoft’s Second Shot benefit, which offers candidates discounts and free exam retakes. The trick is to get registered before December 31, 2008.

Registered candidates passing Microsoft certification exams before December 31, 2008, on their first attempt are eligible for a 25 percent discount on a different exam. The discounted exam must be taken before February 28, 2009.

Second Shot also extends benefits to those failing a Microsoft exam. Registered candidates who fail a certification exam on their first try can attempt a free retake until June 30, 2009.

#7: New certifications introduce lifecycle policies

For the first time, Microsoft is introducing certification lifecycles. New Microsoft certifications, including the Microsoft Certified Technology Specialist (MCTS, which is the designation attached to the new Technology Series), MCITP, and MCPD accreditations, will all retire when mainstream support for the corresponding technology retires.

Such certifications will then be listed on official transcripts as retired credentials. When credentials retire, they can no longer be used to download marketing materials, logos, and other otc cialis related information. Holders of older credentials, including Microsoft Certified Professional (MCP), Microsoft Certified Systems Engineer (MCSE), and Microsoft Certified Application Developer (MCAD), are not affected.

#8: New-generation certifications emphasize four series

The new-generation certifications are broken into four series:

  • The Technology Series helps IT pros showcase specific technology skills, knowledge, and expertise. IT managers should have confidence that a Microsoft Technology Specialist is “consistently capable of implementing, building, troubleshooting and debugging a particular Microsoft technology.” Typically, one to three exams must be passed to earn this non-job-role specific designation, which will expire when Microsoft suspends mainstream support for the related product or technology.
  • The Professional Series helps IT pros showcase skills, expertise, and knowledge in a specific job role, such as project management, operations management, and planning. IT managers should have confidence that, “by validating a more comprehensive set of skills, these credentials give candidates and their hiring managers a reliable indicator of on-the-job performance.” Typically, one to three exams must be passed to earn this designation, which will expire when Microsoft suspends mainstream support for the related product or technology.
  • The Master Series helps seasoned technology professionals denote their ability to design and implement complex business solutions. Microsoft touts the new program as being advanced and requiring experience-based training and testing. Candidates must pass prerequisite Technology and Professional Series exams, attend and complete three weeks of classroom training, and pass a qualification lab exam. This designation is focused on a single technology platform, such as Microsoft Exchange Server 2007, Windows SQL Server 2008, or Microsoft Office SharePoint Server 2007.
  • The Architect Series is for seasoned IT pros with 10 or more years of technology experience (with three or more years experience as a practicing architect). Candidates must possess both strong managerial and technical skills. Designed by the architect community, the certification requires candidates to pass peer review boards. Candidates must work closely with an MCA mentor and pass an oral review before a board of certified architects and must regularly refresh the accreditation.

#9: Two Professional Series credentials are available

Two credentials introduce the Professional Series, and more may be added. The first two are Microsoft Certified IT Professional (MCITP) and Microsoft Certified Professional Developer (MCPD).

MCITP accreditation is available for a variety of fields of expertise. Job roles include database administrator, consumer support technician, server administrator, and enterprise administrator.

MCPD accreditation is for programmers who plan to develop applications using Visual Studio 2008 and the Microsoft .NET Framework 3.5. Three paths are available: MCPD: Windows Developer 3.5; MCPD: ASP.NET Developer 3.5; and MCPD: Enterprise Applications Developer 3.5.

#10: New-generation certifications have a threefold goal

Microsoft says that its new certifications emphasize technology skills and job roles. The new accreditations are designed to minimize the overall number of certifications, while enabling IT professionals to highlight their specializations. The program’s certification changes encompass three goals:

  • Microsoft is working to better target its accreditations while keeping them flexible. Toward that end, the new certification tracks tend to be shorter and more focused on specific, common job roles.
  • Redmond’s training executives seek to protect and improve rigor (thoroughness) and credibility. Look for new testing technologies, such as the performance-based testing introduced with some Windows Server 2003 exams, to become more prominent. And by better matching tracks to real-world job roles, Microsoft hopes to bolster credibility.
  • Microsoft is aiming for relevance and simplicity. Lifecycle policies are being introduced for the first time, which among other changes will help aid relevance. Redesigned accreditations and logos, meanwhile, will better communicate demonstrated skills and knowledge.
Permalink • Print • Comment
Next Page »
Made with WordPress and a healthy dose of Semiologic • Sky Gold skin by Denis de Bernardy