IT certifications are one way to distinguish between well-trained job candidates and prospects whose skills on specific hardware or software aren’t quite up to par.

At least that’s the way it’s supposed to work. In recent times, however, an overabundance of certifications and widespread cheating on exams caused in part by lax security at testing centers have tarnished IT certifications’ reputation in the eyes of many human-resources executives and hiring managers.

“It’s a big problem,” agrees Don Sorensen, marketing vice president at Caveon, a Salt Lake City test security company. He says there are “literally hundreds” of so-called "braindump" websites that share or sell test questions.

According to a 2007 report from the Association of Test Publishers, of 101 IT vendors and certification test centers surveyed, slightly more than half said that 46 percent or more of their IT certification tests had been copied, stolen or breached in some other way in the recent past. Some test givers said their new tests could be found on braindump websites within a month of being published, and in some cases, as soon as two days, according to the report.

Industry groups, testing centers, test security organizations, and individual companies are taking steps to curb cheating and spiff up the image of IT certifications. One of them is Cisco Systems, which as of April 2008 had issued 1 million certifications to IT professionals -- working at small, medium, and large companies -- who take courses and pass tests on routing and switching, network security, and storage networking, among similar topics.

“In the past we’ve done a lot to protect the integrity of our certifications, but we haven’t talked about it much,” says Fred Weiller, Cisco’s marketing director for career training and certifications. “Now we’re on a communications campaign to explain how we protect certifications. Our goal is zero cheating, zero trade offs.”

Industry taking action

The actions Cisco is taking to keep certification test questions from falling into the wrong hands reflect steps other companies and industry associations are taking as well. They include:

  • Limiting the number of test vendors they work with to one, PearsonVUE, a global testing company.
  • Dumping paper-based tests in favor of computer-based tests, which allows test companies to analyze data to flag individuals whose scores or behavior indicate something’s fishy. “We can ban some candidates for life,” Weiller says.
  • Constantly monitoring security at testing facilities, to check test results for trends that might indicate cheating is going on.
  • Photographing test takers to ensure they aren’t using proxies to take tests for them, then making photos available to HR and hiring managers “to prove they’re interviewing the person who took the test,” Weiller says.
  • Changing tests so they’re more difficult to memorize or reproduce, by including for example, simulations that force candidates to draw network diagrams rather than answer multiple-choice questions.

In addition to cheaters, certifications have lost some of their luster because there are so many of them. Cisco and Microsofthave issued more than 3.25 million certifications since the early 1990s. That’s when IT vendors first began using certification tests to document that employees were proficient in using newly released software programs. The Computing Technology Industry Association, another IT trade group, has issued 1 million certifications in its lifetime, and vendors such as Novell run certification programs too.

There’s a reason why software developers, network managers and other IT professionals like certifications so much some are willing to cheat to get them: a fatter pay check. A network analyst with a college degree, experience on the job and a certification earns $74,285 a year, compared to $66,000 without certification, and $61,200 with neither certification or past job experience, according to the March 2008 IT Skills and Salary Report, published by Global Knowledge, an IT training company, and TechRepublic, an IT online magazine.

How to protect your business

What else can small and mid-sized businesses do to make sure they’re not hiring or promoting cheaters?

  • Just as there’s a difference between Harvard and your local community college, not all IT certifications are equal. The highest-valued certification programs are the most in demand, command the highest salaries, and are most relevant to the job.
  • Pay attention to how often a certification needs to be renewed. In a profession where hardware and software updates happen yearly or more often, how relevant is a certification someone got 10 years ago? Look at how self-critical a re-certification program is. “The rigor they put on their customers to stay on top of the technology is key,” says Erik Ullanderson, Cisco’s global certifications manager.
  • Don’t base hiring decisions solely on a candidate’s certification. Connie Shaw, is HR director at Tyler Technologies’ EDEN Division, a Renton, Wash., business that sells utility billing and other software and services to cities and local governments. A portion of EDEN’s 170-person staff are project managers, technical support crew and Website or software developers. “When I’m recruiting it’s not just about a person’s education, background, experience and fit,” Shaw says. “It’s important to evaluate all those factors and then make your decision.”