Consensus is building among industry watchers that Microsoft will have anti-spyware and antivirus products on the market for businesses and consumers by year-end.
Many expect Bill Gates to detail such a product rollout during his keynote address at the RSA Security Conference in San Francisco in three weeks. Microsoft declined to discuss that prospect this week.
However, with Microsoft's pending security splash regarded as a fait accompli, antivirus and anti-spyware vendors are sizing up their chances of withstanding the Redmond giant. Business customers, stocked up on antivirus but now eager to buy spyware protection, wonder if a Microsoft entry would drive down costs, or if Microsoft--whose software seems to always require patching--really can be counted on as the first responder in worm and virus outbreaks.
"This is a challenge for Microsoft: the inherent conflict of interest in that Microsoft has had to constantly struggle with this need to fix problems in their own products," says Neil MacDonald, a Gartner research analyst. For Microsoft to sell antivirus and anti-spyware products is akin to "the water company, which has smelly water, selling filters to take the smell out," he says.
This week the speculation that Gates will make security news at RSA had analysts--including at least one financial analyst, Adam Holt at J.P. Morgan Chase, who predicts Microsoft will have an antivirus product out in the third quarter--issuing alerts about the prospect.
MacDonald says Microsoft is in a hurry to get into the antivirus/anti-spyware business if only to provide added protections for its Web browser, which is starting to lose market share to the open source Firefox browser. Firefox is said to have better security protections than Internet Explorer.
Combined Protection
Antivirus and anti-spyware protections are destined to be combined, experts increasingly agree, and Microsoft appears to have signaled its assent recently by acquiring Giant Company Software in December and issuing a free beta version of an anti-spyware product in tandem with a free virus cleanup tool this month.
"It should be a single product, and the antivirus vendors have dropped the ball," MacDonald says, though he adds that McAfee and Computer Associates International are among the few that seem to understand the convergence. "I blame it on the greed and ineptitude of the [antivirus] vendors," he adds.
IDC also believes that virus and spyware protection will more often be merged into one product, further blurring the line between today's estimated $3 billion antivirus market and the much-less-mature $47 million anti-spyware market. This consolidation will occur because customers increasingly are demanding a single product to combat viruses, spyware, Trojans, worms, and other types of malicious code, says Brian Burke, a senior research analyst at IDC.
Burke says Microsoft can be expected to have an integrated product by early next year.
One anti-spyware software vendor, Webroot Software, rejects the notion that stand-alone anti-spyware products will be ignored as combination products gain traction. David Moll, Webroot Software CEO, also says Microsoft will find spyware a tough sell because "customers will be faced with an interesting decision about purchasing a security product to protect software from the same company." Moll adds that Microsoft just signed a three-year deal with Webroot to use its technology for MSN subscribers.
The First Responder?
It's Microsoft's willingness to be the first responder--identifying new threats and issuing signature updates within hours or minutes, like antivirus firms do today--that is the biggest question, Burke says. Microsoft is only accustomed to providing monthly signature updates, but "antivirus has evolved from a product to a service and the effectiveness of the security is only as good as its last update," he says. "The value of antivirus is increasingly based on the vendors to quickly provide signature updates for the latest threats."
IDC says Microsoft will either use Windows Update Service, which currently distributes hot fixes and patches, to deliver these updates or partner with an antivirus vendor.
Once Microsoft enters the antivirus update business, the major effect on the market would be felt primarily on the consumer arena--which Symantec dominates--rather than the corporate side, IDC says. Antivirus vendor Trend Micro, which is resigned to the prospect of Microsoft as a competitor, shares that view.
"There will, in fact, be co-existence," says Lane Bess, president of Trend Micro's North American operations. Bess says Trend Micro will continue to increase its antivirus sales and intends to put more focus on spyware.
Microsoft this week sent a representative to the ICSA Labs antivirus Product Developer's meeting in San Diego, where the new subject of establishing testing criteria for spyware was discussed. This would appear to signal the company is gearing up to join the rest of the traditional antivirus suppliers, says David Perry, Trend Micro's global director of education.
Will Customers Buy It?
Bess says Microsoft will have an easier time pitching antivirus products to consumers than businesses.
"In the enterprise space, Microsoft will be hard-pressed with CIOs," he says. "I have that discussion with CIOs when I ask them, 'Am I going to be in trouble when Microsoft comes in with an antivirus product?' You get a bit of a chuckle, and they say, 'I'm not going to trust my enterprise security to Microsoft.'"
However, some organizations indicate they are keeping an open mind.
"I've asked Microsoft 'Why aren't you in the business of protecting your own backyard?'" says Eben Berry, manager of IS at Network Health, a healthcare provider in Cambridge, Massachusetts. He's taking a wait-and-see attitude, but hopes Microsoft dives in because spyware has become one of the most disruptive problems inside Network Health.
Berry says he has scouted for spyware-protection products. The danger of spyware has convinced management it should block employee access to the Web, which it was reluctant to do before. He hopes any Microsoft entry would bring down costs because buying spyware is like buying antivirus software twice.
Microsoft has long played an important role in the development of antivirus products by issuing desktop and server APIs that antivirus vendors use in their own products to better scan Windows-based systems.
If Microsoft wasn't going to publish such guidelines anymore, that would cause difficulties for competitors, says Mark Shavlik, president and CEO of Shavlik Technologies, which makes patch management and vulnerability-assessment products. "If Microsoft did do that, it would essentially damage the [antivirus] companies by hiding the APIs," he says.
