CompTIA Cloud Community: Trustmark Experiment

Posted: 1:49 pm
August 21, 2013
Events, IT Business, IT Culture
Comments Off on CompTIA Cloud Community: Trustmark Experiment

This blog post (and few others) will cover the takeaways from the CompTIA Cloud Community in which I participate. I am not paid for it, the following is just my opinion, not approved or associated with CompTIA in any way (as a matter of fact I think we pay for the privilege of membership in CompTIA). Either way, it’s a good activity with great insight into the IT ecosystem and I encourage you to check it out.

CompTIA (yes, the A+ people) cloud community is made up of executives from solution providers, software vendors, hardware folks and is an interesting mix of the entire ecosystem. Over the past two years we have been working together on helping find the common ground among us all and figure out how to move forward with the part of the industry that’s moving the fastest.

At the CompTIA ChannelCon we were put through an exercise that was a thinly-veiled case study for why CompTIA Trustmark for the Cloud would make sense.. and it failed spectacularly:

Half of you will stay in this room and work on the three points that IT solution partners, VARs and service providers would want from their vendor. The other half will go into the other room and come up with three points that end users / customers would need from their cloud provider / MSP / VAR.

Sounds good on the surface – find out what the user wants, find out what the MSP wants, find out where the common ground is an establish some criteria along with the ways to measure it and charge people a few hundred dollars for a CompTIA certificate. What could go wrong, right?

What went wrong

Cloud, at it’s core, is a mixture of service and technology. It’s not exclusively one thing over another which is why so many, both big and small, struggle with a way to define and a way to profit from it. Essentially, it’s the same infrastructure we’ve always had but it’s in a new location. With the new location some of the issues go away (uptime, hardware investments, scale, etc) making a way for a slew of new issues with regard to liability, compliance, business model, security delegation, etc.

The moment at which the CompTIA Cloud Trustmark shattered on the floor like a glass dropped from the top of the WTC came only a second after all the vendors came in agreement as to what the MSP/VAR/ITSP should expect from a vendor.

It came in a form of 3 different MSP/VAR/ITSP executives opening up their mouth and saying: That is not at all something we’d be concerned about when it comes to our vendors.

In a sigh of desperation, the conclusion of our group was that while the “criteria” the vendors agreed on might be legitimate it bears no value to the VAR/MSP simply because they have a different model.

For example, among the vendors were mixed mode (direct & channel) vendors, channel exclusive vendors, master MSPs and folks transitioning around. Some wanted the MSP to do everything, some wanted them to do nothing but get out the way. Some offered MDF some didn’t. Some wanted to educate the partner while others just hoped they would assume all the liability. But all vendors agreed that the partner must self qualify to work with a particular vendor.

Among the partners (MSP, VAR, IT Solution Provider) the field was even more divided: Some wanted MDF, some wanted sales training, some wanted promotion and leads, some just wanted the vendor to do their job and deliver on their promise. Furthermore, what one MSP wanted was completely irrelevant to the other and so on.

This is just the reality of the modern IT provider. When you’re small you take on more than you can chew and you need all the help you can get from your vendors even leveraging their brand name to establish your own legitimacy. But once you do have a client base and internal expertise you want a vendor that will stay as far away from your users as possible, you don’t need more competition. The further you grow the more you realize that you need to continue to focus on your core value and want to outsource or defer certain activities to someone else or even back to the vendor. Ultimately, you become so big that you figure you can do it cheaper and better in house.

It’s a lifecycle of a successful service provider. (There is also the unsuccessful service provider: Grow to the point that it hurts and then instead of overcoming the obstacles you pretend you’re the master MSP and try leading those smaller than you around the potholes until you realize you can’t scale. Then you go onto the speaking circuit and when you bomb both your business and everyone else that followed you there is more time to write a book that nobody will read and you give up your business for pennies on the dime to be a contractor at a vendor that goes boom… and then you’re an IT coach having proven failure at every level)

The conclusion of the CompTIA Cloud Community

… was that there is no conclusion on how to effectively identify, qualify and standardize cloud service providers or their services. What everyone was clear on was that cloud is a service and that one size does not fit all so it becomes even more important to work closely with the people that you can trust, evaluate, visit and build a business model with. Trustmarking people on service turns out to be a lot more complex than checking whether they know a difference between an ATX case and a toaster.

Truth of the matter is that there are certifications that service providers go through (from organizations folks have actually heard of) and actual standards we all adhere to that take a very rigorous look at both the business operations, technology implementation, financial data handling and more – everything from PCI to ISO to SSAE16 – are gruesome in depth audits that every serious service provider must go through but they all asses and certify a small piece of the process and activity.

The cloud – as a mixture of both service and standards – is so broad that to build a certification process around it would make it so elaborate and broad that it would make it virtually useless.

Important thing to note here is that the value of CompTIA Communities, as I’ve often heard assessed incorrectly in conversations with people that are not a part of it, is not in printing certifications. It’s in the venue and conversations with other like minded executives that are truly on top of their game. To my knowledge, there is nothing else other there that provides this extensive of a reach in our industry so to those that have preconceptions about the communities based on the organization and what it did a decade ago… I encourage you to join in the conversation.