Is there method in Microsoft's security buys?

The software giant has been scooping up companies in the security field, but analysts wonder what it all adds up to.

While Microsoft's latest deals show it's committed to building its security muscle, some analysts say the company needs to focus on a clearer and more productive strategy.

The software maker said it was making security its top priority when it three years ago. Since then, it has overhauled its in-house development to bolster security and has put its $38 billion war chest to work. It has been buying antivirus and anti-spyware companies and other security assets--acquisitions that have been closely watched.

"While there is a great deal of hoopla around the acquisitions, what is more important is to see what they make of them," said Michael Cherry, a lead analyst at Directions on Microsoft in Kirkland, Wash. "I don't think that the past acquisitions have shown a tremendous payback yet."

News.context

What's new:
While Microsoft's latest deals show it's committed to building its security muscle, some analysts say the company needs to focus on a clearer and more productive strategy.

Bottom line:
It's about time that Microsoft turned the technologies it has picked up into actual products that customers can use, analysts said.

More stories on Microsoft security

It's about time that Microsoft turned the technologies it has picked up in its scattershot buys into actual products that customers can use, analysts said.

The company announced its takeover of FrontBridge Technologies, a hosted e-mail security provider, on Wednesday, the same day it said it had taken a minority stake in Finjan Software and licensed some of the security appliance maker's patents on behavior-based intrusion detection technologies.

These moves follow the acquisitions of Romanian antivirus software developer GeCad Software two years ago, desktop anti-spyware maker Giant Software in late 2004, and corporate security software vendor Sybari earlier this year. Sybari software can use multiple engines to scan e-mail and instant messages for viruses and spam.

The takeovers seem random, said Pete Lindstrom, a research director at Spire Security. "I think it is a reactive approach. They are picking up security products that they think are important to customers," he said. "It doesn't strike me that there is an obvious strategy to this."

Every product group is involved in Microsoft's companywide commitment to providing users with a secure computing experience, Amy Roberts, a director in Microsoft's security business and technology unit, said in an e-mailed statement. "Microsoft's recent acquisitions in the area of security represent continued investments in innovation, customer guidance and industry partnerships," she said.

Microsoft first took on the safety of its own products with its Trustworthy Computing push. With the acquisitions, the software maker attempted to move itself into a position to become a player in the security market and offer additional products to protect both consumers and business users. The ultimate goal is to counteract the perception of Microsoft as provider of insecure software, Cherry suggested, "to make it such that customers have no doubt that they are purchasing a secure system when they choose Windows," he said.

It is evident from the purchasing campaign that security continues to be important to the Redmond, Wash., company, analysts said.

But the series of takeovers may also signal that Microsoft's own development efforts are falling short, suggested David Schatsky, a senior vice president at Jupiter Research.

"They have been focusing a lot on internal development as well as these acquisitions, which signify that they are probably not satisfied with the pace at which they have been able to build up their security capabilities," Schatsky said.

"Security is a top priority for Microsoft," Roberts said. "Innovation is constant at Microsoft."

Since launching its Trustworthy Computing Initiative, Microsoft has changed the way it develops software in order to make its technology more secure. The "security development lifecycle process" is aimed at

 

Discuss Is there method in Microsoft's security buys?

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Articles from CNET
Former 'Top Gear' stars head for Amazon Video (Tomorrow Daily 218)