Vulnerabilities / Threats
2/24/2012
09:16 AM
Connect Directly
RSS
E-Mail
50%
50%

Free Anti-Virus Software Fails To Charm Enterprises

As free AV gains popularity with consumers, could Symantec and McAfee ever be chased from their top spots in the enterprise?

Who likes paying for antivirus software?

Based on the popularity and high marks given to free antivirus software--including AVG, Avast, and Avira--many consumers have been more than happy to kiss paid antivirus tools goodbye. While it's been a great cash cow for information security software vendors that bank on the proceeds from annual virus update renewals, conceptually speaking, why isn't antivirus just built into the operating system?

Of course, free antivirus tools make that philosophical question--and annual wallet hit--go away. But why hasn't free AV made it out of the consumer and small-business realm and into the enterprise?

One reason is that unseating established enterprise antivirus players remains tough. "No enterprise CISO has gotten fired for recommending Symantec, and then Symantec for letting an infection through. Symantec or McAfee are very well-known names," says Vince Steckler, CEO of Avast, at the company's offices in Prague. "Now, if you buy a less well-known brand that lets an infection through, you can get fired."

Competing in the enterprise market also isn't easy. "It's just a much more expensive sector to sell into and support, and the margins are much lower," says Steckler, who's worked as the senior vice president of worldwide consumer sales at Symantec. "It's sexy, but there's not as much money in it." That's one reason why Avast predominantly targets consumers and businesses with less than 50 endpoints, he says.

Another is that building and maintaining a highly scalable antivirus management console--as demanded by IT departments at large businesses--is difficult. Add to that the cost of global sales teams, round-the-clock support teams in every customers' language, engineers who install the products on-site--and remain on call in the event of outages--and per-seat revenue that may be as little as $1, and it makes the enterprise AV market look like a rough place to be.

Indeed, the economics of the free and freemium AV market seem positively utopian in comparison. "I can afford to pay to buy free users now," says AVG CEO J.R. Smith, speaking by phone. AVG notably went public this month--coincidentally, at the same time as Facebook--and said it earned $255 million in revenue in the last 12 months, and now counts 106 million users. Who doesn't want a piece of that?

[ Privacy and security are closely tied together. Read Obama's Consumer Privacy Bill of Rights: 9 Facts. ]

Smith was careful to note that his company doesn't use any analytics software on its users, or spy on them in any way. But AVG crowdsources a substantial amount of information on malware, and that helps generate revenues that cover its free tools. "We get lots of threat data ... lots of customers download our software and opt in. We evaluate about a billion potential threats in our endpoint systems every day," he says. "You [can] take that and feed it, say, to Microsoft on a daily basis, so they can update their blacklist to help keep their customers safe. Yes they're a competitor, but we're happy with that."

When it comes to making money off of the likes of Microsoft, free antivirus vendors aren't interested in all free users; just the valuable ones. Smith says 90% of his company's focus is on just nine countries, between the United States and Europe, which speak English and in which the company has good brand-name recognition.

Another hurdle to free antivirus software in the enterprise is simply that--legally speaking--it typically isn't licensed for large-business use. "Our license actually doesn't allow businesses to use our free product. It's the same thing with our two main free competitors," says Avast's Steckler. Of course, that doesn't mean that some businesses aren't using free antivirus anyway.

As free AV gains popularity, could Symantec and McAfee ever be chased from their top spots in the enterprise? No doubt they'll see more competition, and from an enterprise standpoint--value, features, ease of use--competition is always a very good thing.

"It's the nature of things to change," says Steckler. "Kaspersky had virtually no presence in the corporate world five years ago, now they're pretty meaningful. We had virtually no presence in the consumer world five years ago, now we're very meaningful. And users' perceptions to 'free' change over time."

For example, Steckler says that Avast conducted a survey in 2010 to gauge consumers' perceptions to free software. Consumers in France were for it, users in the U.S. largely against it, and Britain registered in the middle. Steckler says that it's no coincidence that Avast has seen large uptake of its free product in France. But will the United States and Britain be far behind?

Likewise, how enterprises procure their software will evolve. "Consumers bought software at retail, now they buy software online. Enterprises buy software from sales reps, and they will--over time--move towards buying the service or the product online, and as they do so, then that's our opportunity," says Steckler.

If new enterprise antivirus players come calling, will IT managers listen? Then again, with the growing use of mobile devices, including smartphones and tablets, might today's antivirus tools simply become a consumer-demanded, baked-in part of future computing devices and operating systems? Arguably, the only thing better than free is not having to bother at all.

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
2/26/2012 | 3:38:35 AM
re: Free Anti-Virus Software Fails To Charm Enterprises
As long as the paid versions have protections the free versions don't, there will always be an advantage on their side in my opinion.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
GeneIT
50%
50%
GeneIT,
User Rank: Apprentice
2/27/2012 | 7:11:41 PM
re: Free Anti-Virus Software Fails To Charm Enterprises
It seems like AV has just become a monitoring and reporting tool with occasional malware prevention. Treat it as just one layer to protect your system infrastructure. Stay out of the dark ages and use Deep Freeze, Content Filtering Appliance, System Hardening Techniques, and VDI to keep malware from looming around your organization.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5110
Published: 2014-08-29
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.

CVE-2012-1503
Published: 2014-08-29
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.

CVE-2013-5467
Published: 2014-08-29
Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM)...

CVE-2014-0600
Published: 2014-08-29
FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.

CVE-2014-0888
Published: 2014-08-29
IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.