Vulnerabilities / Threats
2/24/2012
09:16 AM
Connect Directly
RSS
E-Mail
50%
50%

Free Anti-Virus Software Fails To Charm Enterprises

As free AV gains popularity with consumers, could Symantec and McAfee ever be chased from their top spots in the enterprise?

Who likes paying for antivirus software?

Based on the popularity and high marks given to free antivirus software--including AVG, Avast, and Avira--many consumers have been more than happy to kiss paid antivirus tools goodbye. While it's been a great cash cow for information security software vendors that bank on the proceeds from annual virus update renewals, conceptually speaking, why isn't antivirus just built into the operating system?

Of course, free antivirus tools make that philosophical question--and annual wallet hit--go away. But why hasn't free AV made it out of the consumer and small-business realm and into the enterprise?

One reason is that unseating established enterprise antivirus players remains tough. "No enterprise CISO has gotten fired for recommending Symantec, and then Symantec for letting an infection through. Symantec or McAfee are very well-known names," says Vince Steckler, CEO of Avast, at the company's offices in Prague. "Now, if you buy a less well-known brand that lets an infection through, you can get fired."

Competing in the enterprise market also isn't easy. "It's just a much more expensive sector to sell into and support, and the margins are much lower," says Steckler, who's worked as the senior vice president of worldwide consumer sales at Symantec. "It's sexy, but there's not as much money in it." That's one reason why Avast predominantly targets consumers and businesses with less than 50 endpoints, he says.

Another is that building and maintaining a highly scalable antivirus management console--as demanded by IT departments at large businesses--is difficult. Add to that the cost of global sales teams, round-the-clock support teams in every customers' language, engineers who install the products on-site--and remain on call in the event of outages--and per-seat revenue that may be as little as $1, and it makes the enterprise AV market look like a rough place to be.

Indeed, the economics of the free and freemium AV market seem positively utopian in comparison. "I can afford to pay to buy free users now," says AVG CEO J.R. Smith, speaking by phone. AVG notably went public this month--coincidentally, at the same time as Facebook--and said it earned $255 million in revenue in the last 12 months, and now counts 106 million users. Who doesn't want a piece of that?

[ Privacy and security are closely tied together. Read Obama's Consumer Privacy Bill of Rights: 9 Facts. ]

Smith was careful to note that his company doesn't use any analytics software on its users, or spy on them in any way. But AVG crowdsources a substantial amount of information on malware, and that helps generate revenues that cover its free tools. "We get lots of threat data ... lots of customers download our software and opt in. We evaluate about a billion potential threats in our endpoint systems every day," he says. "You [can] take that and feed it, say, to Microsoft on a daily basis, so they can update their blacklist to help keep their customers safe. Yes they're a competitor, but we're happy with that."

When it comes to making money off of the likes of Microsoft, free antivirus vendors aren't interested in all free users; just the valuable ones. Smith says 90% of his company's focus is on just nine countries, between the United States and Europe, which speak English and in which the company has good brand-name recognition.

Another hurdle to free antivirus software in the enterprise is simply that--legally speaking--it typically isn't licensed for large-business use. "Our license actually doesn't allow businesses to use our free product. It's the same thing with our two main free competitors," says Avast's Steckler. Of course, that doesn't mean that some businesses aren't using free antivirus anyway.

As free AV gains popularity, could Symantec and McAfee ever be chased from their top spots in the enterprise? No doubt they'll see more competition, and from an enterprise standpoint--value, features, ease of use--competition is always a very good thing.

"It's the nature of things to change," says Steckler. "Kaspersky had virtually no presence in the corporate world five years ago, now they're pretty meaningful. We had virtually no presence in the consumer world five years ago, now we're very meaningful. And users' perceptions to 'free' change over time."

For example, Steckler says that Avast conducted a survey in 2010 to gauge consumers' perceptions to free software. Consumers in France were for it, users in the U.S. largely against it, and Britain registered in the middle. Steckler says that it's no coincidence that Avast has seen large uptake of its free product in France. But will the United States and Britain be far behind?

Likewise, how enterprises procure their software will evolve. "Consumers bought software at retail, now they buy software online. Enterprises buy software from sales reps, and they will--over time--move towards buying the service or the product online, and as they do so, then that's our opportunity," says Steckler.

If new enterprise antivirus players come calling, will IT managers listen? Then again, with the growing use of mobile devices, including smartphones and tablets, might today's antivirus tools simply become a consumer-demanded, baked-in part of future computing devices and operating systems? Arguably, the only thing better than free is not having to bother at all.

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
GeneIT
50%
50%
GeneIT,
User Rank: Apprentice
2/27/2012 | 7:11:41 PM
re: Free Anti-Virus Software Fails To Charm Enterprises
It seems like AV has just become a monitoring and reporting tool with occasional malware prevention. Treat it as just one layer to protect your system infrastructure. Stay out of the dark ages and use Deep Freeze, Content Filtering Appliance, System Hardening Techniques, and VDI to keep malware from looming around your organization.
Bprince
50%
50%
Bprince,
User Rank: Ninja
2/26/2012 | 3:38:35 AM
re: Free Anti-Virus Software Fails To Charm Enterprises
As long as the paid versions have protections the free versions don't, there will always be an advantage on their side in my opinion.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4734
Published: 2014-07-21
Cross-site scripting (XSS) vulnerability in e107_admin/db.php in e107 2.0 alpha2 and earlier allows remote attackers to inject arbitrary web script or HTML via the type parameter.

CVE-2014-4960
Published: 2014-07-21
Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x through 4.1.7, and possibly 3.x, for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter to index.php.

CVE-2014-5016
Published: 2014-07-21
Multiple cross-site scripting (XSS) vulnerabilities in LimeSurvey 2.05+ Build 140618 allow remote attackers to inject arbitrary web script or HTML via (1) the pid attribute to the getAttribute_json function to application/controllers/admin/participantsaction.php in CPDB, (2) the sa parameter to appl...

CVE-2014-5017
Published: 2014-07-21
SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to execute arbitrary SQL commands via the sidx parameter in a JSON request to admin/participants/sa/getParticipants_json, related to a search parameter...

CVE-2014-5018
Published: 2014-07-21
Incomplete blacklist vulnerability in the autoEscape function in common_helper.php in LimeSurvey 2.05+ Build 140618 allows remote attackers to conduct cross-site scripting (XSS) attacks via the GBK charset in the loadname parameter to index.php, related to the survey resume.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.