Is there method in Microsoft's security buys?

While Microsoft's latest deals show it's committed to building its security muscle, some analysts say the company needs to focus on a clearer and more productive strategy.

The software maker said it was making security its top priority when it launched its Trustworthy Computing Initiative three years ago. Since then, it has overhauled its in-house development to bolster security and has put its $38 billion war chest to work. It has been buying antivirus and anti-spyware companies and other security assets--acquisitions that have been closely watched.

"While there is a great deal of hoopla around the acquisitions, what is more important is to see what they make of them," said Michael Cherry, a lead analyst at Directions on Microsoft in Kirkland, Wash. "I don't think that the past acquisitions have shown a tremendous payback yet."

News.context

What's new:
While Microsoft's latest deals show it's committed to building its security muscle, some analysts say the company needs to focus on a clearer and more productive strategy.

Bottom line:
It's about time that Microsoft turned the technologies it has picked up into actual products that customers can use, analysts said.

More stories on Microsoft security

It's about time that Microsoft turned the technologies it has picked up in its scattershot buys into actual products that customers can use, analysts said.

The company announced its takeover of FrontBridge Technologies, a hosted e-mail security provider, on Wednesday, the same day it said it had taken a minority stake in Finjan Software and licensed some of the security appliance maker's patents on behavior-based intrusion detection technologies.

These moves follow the acquisitions of Romanian antivirus software developer GeCad Software two years ago, desktop anti-spyware maker Giant Software in late 2004, and corporate security software vendor Sybari earlier this year. Sybari software can use multiple engines to scan e-mail and instant messages for viruses and spam.

The takeovers seem random, said Pete Lindstrom, a research director at Spire Security. "I think it is a reactive approach. They are picking up security products that they think are important to customers," he said. "It doesn't strike me that there is an obvious strategy to this."

Every product group is involved in Microsoft's companywide commitment to providing users with a secure computing experience, Amy Roberts, a director in Microsoft's security business and technology unit, said in an e-mailed statement. "Microsoft's recent acquisitions in the area of security represent continued investments in innovation, customer guidance and industry partnerships," she said.

Microsoft first took on the safety of its own products with its Trustworthy Computing push. With the acquisitions, the software maker attempted to move itself into a position to become a player in the security market and offer additional products to protect both consumers and business users. The ultimate goal is to counteract the perception of Microsoft as provider of insecure software, Cherry suggested, "to make it such that customers have no doubt that they are purchasing a secure system when they choose Windows," he said.

It is evident from the purchasing campaign that security continues to be important to the Redmond, Wash., company, analysts said.

But the series of takeovers may also signal that Microsoft's own development efforts are falling short, suggested David Schatsky, a senior vice president at Jupiter Research.

"They have been focusing a lot on internal development as well as these acquisitions, which signify that they are probably not satisfied with the pace at which they have been able to build up their security capabilities," Schatsky said.

"Security is a top priority for Microsoft," Roberts said. "Innovation is constant at Microsoft."

Since launching its Trustworthy Computing Initiative, Microsoft has changed the way it develops software in order to make its technology more secure. The "security development lifecycle process" is aimed at

[gfsdfge]

If I hear the word Innovation one more time...

I'm gonna PUKE!

[captnet]

You say Why?

Real easy, buy the competition or just kill it. Now that's Innovation!!! Most people would call 'trustworthy computing' doing their job. Not MS, they are doing something special. More marketing, more lies.

[Bill Dautrive]

If MS buys it all up

If MS buys up all the security companies that puts them to shame, then MS can claim that they are the 'most secure'.

That is Microsofts way of getting and staying on top. Buy out and destroy the competition.

Look at Acrylic, they bought some decent software and ruined it to the point of it being a really bad copy of a crappy Photoshop knockoff, that does 10% of what photoshop does.

That is MS innovation for you.

[jmmejzz]

MS concern not Security

If MS was so concerned about security, they would working to fix
the issues that keep security companies in business not buying
them up. Independent third parties will always be better as a
watchdog rather then a wholly owned subsidiary.

[Scott W]

they should make it mor secure

the problem MS face is that THEY put these anti-virus companies in business and if they do anything now they can be accused of anti-competitive behaviour which is a shame. however they have dug their own grave and are now stuck in a catch-22. if they stay the way they are then more people will be infected by viruses and more complaints will be sent their way, whereas if they increase the security of windows then they go to court for anti-competitive behaviour. there is an alternative to just buying anti-virus companies which is to make VISTA more secure. they are trying bless em but they will not succeed. all the bells and whistles that they seem obsessed with adding will just bring the system down.

[phytopath]

Reality and Perception

MS is battling the reality of viruses and spyware coupled with the perception that it's OS is held together with spit and bandaids. Last year I bought an iBook. OS X is elegant, very functional and it just works. After dealing with problem after problem at work and at home I decided to make a change. I'm not interested in debating which OS is inherently more secure. In the here and now OS X for me is the better choice for security and overall quality. What OS X will be like in the future is an open question. Win XP is fine but it feels very clunky when compared to OS X. MS wants to position their OS as a secure platform that can easily handle content like movies and music, but I walked into Office Depot a few weeks ago and saw a Media Center PC displaying a big fat error message on it's screen. I asked myself if I wanted to deal with the same old crap I deal with at work just to play a movie or record a TV show. Does anyone want to constantly mess with this just to do what I already do with other products? I didn't stop to check what it was about and it probably was something trivial but it cemented an already poor perception I had of their OS. Vista might be wonderful and cool and have bells and whistles and pretty shiny things but I have a long memory of BSODs, crashes and indidious spyware which may or may not be MS's fault. Vista will have to be an extremely high quality, secure OS in itself otherwise they're going to lose video as well as music to Apple. Buying security companies is great but it's not going to help if the OS itself isn't worth using. MS probably isn't worried. I think it should be.