By Larry Greenemeier and Aaron Ricadela
Oct. 10, 2005
Microsoft is stepping up efforts to become part of the solution to
businesses' computer-security woes and overcome a reputation for being
part of the problem.
The company will begin offering a test version of a new anti-spyware
product to businesses by the end of the year and will test new
antivirus and anti-spam software next year, CEO Steve Ballmer said at
a news conference in Munich, Germany, last week. Ballmer appeared at
the event in the technology-heavy German city with corporate VP Mike
Nash, who heads Microsoft's security unit.
The software vendor is developing what it calls Client Protection
technology that can guard desktops, laptops, and file servers against
spyware, malware, and tools used by hackers to break into operating
systems and applications. It's testing an anti-spyware product for
home PC users, but Client Protection, which includes technology it
acquired from GeCAD Software Srl. and Giant Company Software Inc.,
will offer management features for IT departments and integration with
Windows Active Directory. Microsoft is working out details such as
pricing and whether it will make the software available via the Web or
The new antivirus and anti-spam security software, called Antigen,
will run on messaging and collaboration servers, including Microsoft
Exchange. Antigen is based on technology from Sybari Software Inc.,
which Microsoft acquired in June. Microsoft also plans to form an
industry group called the Secure IT Alliance with Symantec, Trend
Micro, VeriSign, and other companies. The group will build a
development lab to design computer-security technology, according to
Michael Cherry, an analyst at technology consulting company Directions
on Microsoft, says that Microsoft has an incentive to help its
business customers avoid computer-security problems since they deplete
resources that could otherwise go toward new technology. "IT
departments have fixed budgets," Cherry says. "If, out of the blue,
they have to spend three unbudgeted weeks fixing security problems,
that's 1,000 man-hours lost from other projects. That has to be paid
for with real money."
Microsoft has faced criticism in the past over the number of bugs in
its software that cause rampant security problems for its customers.
Nearly four years ago, in an effort to overhaul its development
processes, the company halted development on Windows and other
products to give its programmers remedial training on writing secure
code. It also has established policies to close off avenues of attack
in subsequent products.
But Microsoft must build its credibility in security products before
it can challenge established players McAfee Inc. and Symantec for big
business clients, says John Pescatore, Gartner's VP for Internet
security. The Client Protection anti-spyware software is likely to
have a more immediate impact on small and midsize businesses,
particularly those that haven't yet invested in this type of security,
Still, Microsoft's announced entry into the market for antivirus and
anti-spyware software already is having an impact on competitors.
Symantec has been diversifying its business and last week completed
its acquisition of anti-phishing software maker WholeSecurity Inc. "A
big giant is throwing a rock in the pond and creating innovation and
pricing pressure," Pescatore says. "For years, the laws of competition
and pricing didn't apply to the antivirus market; the companies were
getting fat and slow."
Just don't expect customers to jump on the first version of Client
Protection or Antigen. Says Pescatore, "Most enterprises will wait 18
months at least after Microsoft announces a product so they can judge
Copyright =A9 2005 CMP Media LLC
InfoSec News v2.0 - Coming Soon!