Pirates on the IT Seas

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone



Do you remember the last certification exam you took? Do you remember
signing a non-disclosure agreement or other candidate agreement? Among
other things, those agreements state that you will not reveal any of the
specific information you come across on the exam. Certification programs
invest a lot of time, money and energy in their programs, so they must
also invest in maintaining the validity and integrity of those programs.



As certified professionals, you have a responsibility to uphold your end
of the bargain—keeping the details of the certification exam to
yourself. And all who participate in the certification process—from the
certification programs and vendors of training materials to the IT
professionals who see a career benefit from certification—have a
responsibility to ensure the programs remain valid.



Robert R. Keppel, former Vancouver, Wash., resident and operator of the
CheetSheets.com Web sites, pled guilty to theft of trade secrets for
selling Microsoft Certified Systems Engineer (MCSE) and Microsoft
Certified Solution Developer (MCSD) exams and answers through his sites,
http://www.cheetsheets.com and http://www.cheet-sheets.com. The FBI’s
Computer Crimes Squad investigated the case, and Assistant U.S. Attorney
Annette L. Hayes prosecuted the case.



Keppel claimed to be selling real test questions on his Web sites,
according to Craig Callaway, president of Self Test Software. “Of
course, Microsoft really went after him,” he said. “It’s hard to protect
these questions, but it’s something I know the vendors are working
really hard on. They’re going to a lot of work to try to cut this off at
the source, where these guys are taking digital photos of these



In January 2001, Keppel started purchasing MCSE and MCSD exams and
answers from an individual in Pakistan. That individual got the exams by
photographing and/or videotaping the actual tests. Starting in July
2000, Keppel marketed copies of exams and answers. He made more than
$750,000 selling exams from Microsoft Corp., Cisco and other businesses.



As part of Keppel’s plea agreement, he has to forfeit his Lexus and his
Ferrari as well as $56,000 seized from his bank accounts. And what’s
more, on Nov. 1, 2002, Keppel could receive up to 10 years in prison and
a fine of up to $250,000.



So what’s the moral to this story? Don’t cheat. And don’t encourage
others to cheat. Pay attention to that nondisclosure agreement you sign
when you take the test. Don’t sell or post test questions and answers.


It’s All Fun and Games Until Someone Gets Hurt…



Certification exam piracy is a detriment to the IT industry and the
certification industry, and yes, it hurts you as a certified IT
professional as well. How?



According to Robert Pedigo, executive director of the Information
Technology Certification Security Council (ITCSC), exam piracy
“undermines the entire chain of value that supports certification.”
Pedigo explained that there are two problems that arise from the piracy
issue. First is the question of whether there’s a security issue with an
exam. Second is the damage piracy does to individual’s perception of a
certification program.



“Recent events have shown us that there are, in fact, some security-
related issues out there,” said Pedigo, “but it’s difficult to know what
the full extent is. Perhaps more damaging is the perception that an
individual certification might be less valuable because the security of
an examination is breached.”



Certification vendors pay big bucks to develop certification exams. The
test-development process is an arduous journey from the decision to
create the exam through the analysis of job roles up to the creation of
the exam itself and the validation and testing of that exam through
beta-tests and other means of analysis.



“The fact is that all software companies take measures to defend the
integrity of their tests,” explained Pedigo. “For example, the exams are
built to exacting psychometric standards, the test questions are
refreshed periodically, or the technology changes and new exams are
developed. The fact of the matter is that there are a number of things
certification programs do to maintain their security, but one thing
that’s of concern to everyone is the psychological effect.”



Dr. Cyndy Fitzgerald, group manager of psychometrics and test technology
for Certification and Skills Assessment at Microsoft, said that
Microsoft is serious about ensuring its program maintains value.
“Microsoft is committed to maintaining the integrity of the Microsoft
Certified Professional (MCP) program and ensuring the credentials
maintain their value and relevance to the IT industry,” she said. “Our
customers expect MCP exams to require the knowledge and experience that
reflect a particular skill set. When appropriate, we will continue to
work proactively with the appropriate industry consortiums and legal
institutions in order to protect the integrity of the MCP exams and



Take Action



It’s in everyone’s best interest to put a stop to these kinds of
practices—exam piracy, brain-dumping and so on. The certification
vendors want to protect their investments in their programs. And you
should want to protect your investment in your career!



The industry is taking action—evident in the fact that Microsoft pursued
the case against Keppel, but also in the formation of the Information
Technology Certification Security Council. The ITCSC focuses on four
areas, according to Pedigo: establishing guidelines and best practices,
communication, enfor
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone


Posted in Archive|