Until recently, security was just something that the software company got hammered on--a perennial headache, with no upside. But now, four years after Chairman Bill Gates launched his, Microsoft is starting to see security as a potential selling point.
Last month, Windows chief Jim Allchin pointed to enhanced security as thecustomers should move to Vista, the update to the operating system due this year. The software maker estimates that a third of its engineering time for the new Windows was spent on protective measures.
Alongside this, Microsoft has begun to sell its own brand of security products, including a $50-a-yearand its upcoming for businesses.
"There is a shift that we are seeing," said Mike Nash, the executive who heads Microsoft's security business. "As we're still making progress and still being scrutinized, we're also hearing that companies want more from us."
Though challenges remain, the opportunity for Microsoft is huge. The Yankee Group in January pegged the unsecured PC market--computers without antivirus software or that have lapsed antivirus subscriptions--as worth $15 billion. Enterprise customers already spend $3 billion a year on security, the analyst firm noted.
"What's driving Microsoft's investments? Money, of course," Yankee analysts said in their report. "These markets are collectively too large for Microsoft to ignore any longer."
Any revenue would help boost the return that Microsoft is getting on its investment in security, a push that Pescatore said costs the software maker hundreds of millions of dollars per year. The company has also been on athat began with its 2003 and includes at least four other security software makers.
Gaps in security
A few years back, security was nothing but a headache for Microsoft and all customers wanted from the Redmond, Wash., company was software with fewer holes.
Microsoft still faces plenty of challenges in this arena. A recent public exploit for awas a reminder that hackers will make the most of unplugged holes.
And not everyone is keen on the idea of paying Microsoft to help secure the products it created. Businesses, in particular, are questioning the move, Gartner analyst John Pescatore said.
"'Wait a minute--Microsoft's software is causing the problem, and now they want me to pay extra to fix the problem?'" Pescatore said, summing up the reaction of some corporations to Microsoft's move toward selling security software.
While businesses may still be somewhat loath to pay Microsoft for security, Pescatore said that the company's reputation has improved from the days when theand worms dented it.
"They have spent three or four years taking security seriously," he said. "They have basically removed it as a liability compared to the Linuxes and Solarises."
Pescatore contrasts Microsoft's efforts with those of Oracle. While Microsoft has been improving its reputation, Oracle, he said, has largely been standing still and is losing itsfor security.
Even John Thompson, CEO of Symantec, has had to praise Microsoft's efforts. In a speech at last week's, Thompson noted that there were 100 attacks that posed a medium or high risk between 2002 and 2004, but only six such attacks last year.
"The broad adoption of firewalls and antivirus and intrusion detection software, and the progress quite frankly made by Microsoft in securing their operating platform, has made this possible," Symantec CEO John Thompson said last week. "Yes, I did say that," he added, to laughter from the crowd.