Consensus is building among industry watchers that Microsoft will have anti-spyware and anti-virus products on the market for businesses and consumers by year-end.
Many expect Bill Gates to detail such a product rollout during his keynote address at the RSA Security Conference in San Francisco in two weeks. Microsoft declined to discuss that prospect last week.
However, with Microsoft's pending security splash regarded as a fait accompli, anti-virus and anti-spyware vendors are sizing up their chances of withstanding the Redmond giant. Business customers, stocked up on anti-virus but now eager to buy spyware protection, wonder if a Microsoft entry would drive down costs, or if Microsoft - whose software seems to always require patching - really can be counted on as the first responder in worm and virus outbreaks.
"This is a challenge for Microsoft: the inherent conflict of interest in that Microsoft has had to constantly struggle with this need to fix problems in their own products," says Neil MacDonald, a Gartner research analyst. For Microsoft to sell anti-virus and anti-spyware products is akin to "the water company, which has smelly water, selling filters to take the smell out," he says.
Last week the speculation that Gates will make security news at RSA had analysts - including at least one financial analyst, Adam Holt at J.P. Morgan, who predicts Microsoft will have an anti-virus product out in the third quarter - issuing alerts about the prospect.
MacDonald says Microsoft is in a hurry to get into the anti-virus/anti-spyware business if only to provide added protections for its Web browser, which is starting to lose market share to the open source Firefox browser. Firefox is said to have better security protections than Internet Explorer.
Anti-virus and anti-spyware protections are destined to be combined, experts increasingly agree, and Microsoft appears to have signaled its assent recently by acquiring Giant Company Software in December and issuing a free beta version of an anti-spyware product in tandem with a free virus cleanup tool this month.
"It should be a single product, and the anti-virus vendors have dropped the ball," MacDonald says, though he adds that McAfee and Computer Associates are among the few that seem to understand the convergence. "I blame it on the greed and ineptitude of the [anti-virus] vendors," he adds.
IDC also believes that virus and spyware protection will more often be merged into one product, further blurring the line between today's estimated US$3 billion anti-virus market and the much-less-mature US$47 million anti-spyware market. This consolidation will occur because customers increasingly are demanding a single product to combat viruses, spyware, Trojans, worms and other types of malicious code, says Brian Burke, a senior research analyst at IDC.
Burke says Microsoft can be expected to have an integrated product by early next year.
One anti-spyware software vendor, Webroot Software, rejects the notion that stand-alone anti-spyware products will be ignored as combination products gain traction. David Moll, Webroot CEO, also says Microsoft will find spyware a tough sell because "customers will be faced with an interesting decision about purchasing a security product to protect software from the same company." Moll adds that Microsoft just signed a three-year deal with Webroot to use its technology for MSN subscribers.
Speed is the key
It's Microsoft's willingness to be the first responder - identifying new threats and issuing signature updates within hours or minutes, like anti-virus firms do today - that is the biggest question, Burke says. Microsoft is only accustomed to providing monthly signature updates, but "anti-virus has evolved from a product to a service and the effectiveness of the security is only as good as its last update," he says. "The value of anti-virus is increasingly based on the vendors to quickly provide signature updates for the latest threats."
IDC says Microsoft will either use Windows Update Service, which currently distributes hot fixes and patches, to deliver these updates or partner with an anti-virus vendor. Advertisement:
Once Microsoft enters the anti-virus update business, the major effect on the market would be felt primarily on the consumer arena - which Symantec dominates - rather than the corporate side, IDC says. Anti-virus vendor Trend Micro, which is resigned to the prospect of Microsoft as a competitor, shares that view.
"There will, in fact, be co-existence," says Lane Bess, president of Trend Micro's North American operations. Bess says Trend Micro will continue to increase its anti-virus sales and intends to put more focus on spyware.
Microsoft last week sent a representative to the ICSA Labs anti-virus Product Developer's meeting in San Diego, where the new subject of establishing testing criteria for spyware was discussed. This would appear to signal the company is gearing up to join the rest of the traditional anti-virus suppliers, says David Perry, Trend Micro's global director of education.
Bess says Microsoft will have an easier time pitching anti-virus products to consumers than businesses.
"In the enterprise space, Microsoft will be hard-pressed with CIOs," he says. "I have that discussion with CIOs when I ask them, 'Am I going to be in trouble when Microsoft comes in with an anti-virus product?' You get a bit of a chuckle, and they say, 'I'm not going to trust my enterprise security to Microsoft.'"
However, some organizations indicate they are keeping an open mind.
"I've asked Microsoft 'Why aren't you in the business of protecting your own backyard?'" says Eben Berry, manager of IS at Network Health, a healthcare provider in Cambridge, Mass. He's taking a wait-and-see attitude, but hopes Microsoft dives in because spyware has become one of the most disruptive problems inside Network Health.
Berry says he has scouted for spyware-protection products. The danger of spyware has convinced management it should block employee access to the Web, which it was reluctant to do before. He hopes any Microsoft entry would bring down costs because buying spyware is like buying anti-virus software twice.
Microsoft has long played an important role in the development of anti-virus products by issuing desktop and server APIs that anti-virus vendors use in their own products to better scan Windows-based systems.
If Microsoft wasn't going to publish such guidelines anymore, that would cause difficulties for competitors, says Mark Shavlik, president and CEO of Shavlik Technologies, which makes patch management and vulnerability-assessment products. "If Microsoft did do that, it would essentially damage the [anti-virus] companies by hiding the APIs," he says.