The circle opens as I'm helping a client sort through computers and books he intends to donate to an international charity. We get to talking about Microsoft's new Client Protection suite, an amalgam of Windows Live Safety Center and Windows Live OneCare. The suite's available from the Windows Live Market-Share Retainer -- I mean, the Windows Live Ideas Web site. "So pretty soon, I won't have to pay extra for security software?" That's his actual question. And it's this question that begins the cycle of doom and salvation.
The doom is in response to a question many analysts are posing, namely "Can Microsoft's Client Protection initiative wipe out the third-party desktop security market?" Analysts tend to follow that up with a soothing "no," justified by consumers' inherent distrust of any sentence that has both --Microsoft and --security in it. That's followed up by the fact that, so far -- and likely for the lengthy foreseeable future -- any Microsoft client-protection software is going to be relegated solely to Windows. Thus, companies using Mac minis, Linux desktops, iPods, and abacuses (abaci?) will need to keep buying third-party security software anyway.
Unfortunately for any readers here who have money wrapped up in the desktop security market, I'm not a soothing guy. I say thee, "Yea!" Microsoft may not be able to annihilate the desktop security software market, but the company can sure as heck take a John Madden-sized bite out of that particular drumstick.
It will happen the same way Microsoft always makes things happen. Follow the circle: We all test Client Protection Version 1 in beta for free. As soon as it hits the appropriate milestone, Redmond will decide whether its beta testing reports have a low enough instance of problems versus a high enough instance of finding malware and vulnerabilities as compared with the competitor list that the company says it doesn't have. If those numbers are right, the product gets released; if not, it's delayed.
When it does get released, Microsoft will decide whether to offer it for free as part of Vista R2 or whatever the next desktop OS release might be. If Redmond decides to do this, anti-virus, anti-spyware, and desktop firewall makers are in for a bad year. A very bad year. Because no matter how much customers distrust software from the Great Western North, their love of getting something for free outweighs those misgivings.
If Redmond doesn't offer this software for free, the company can still use several tricks to get the same lemming effect in the Windows customer base. The cost could simply be really low, or Microsoft could hide it in the licensing fee so you simply don't know you're paying for it. Plus, Microsoft will keep adding neat-o keen features that look slick, like the glossy colorful leaves of some predatory plant monster.
Now follow this up with Microsoft's usual strategy. The company will do exactly what it's always done: Start at the desktop. Conquer that, then move rapidly into managing this feature from a central server. Pow! The enterprise security software market gets slammed. The good news is, Microsoft won't just take over that market because its track record in pricing enterprise solutions won't allow its product to be a no-brainer purchase. The company will still have a huge advantage, however, if the desktop part of the equation is free and the server only costs a few grand. Thusly, the circle reaches the point of doom.
Quickly, though, the circle will form an upswing for the same reason it forced a downturn: Hey, it's Microsoft, the company that refuses to do security properly from the ground up, apparently as a matter of principle. Instead of some ground-up coding that takes all of its Windows OS smarts into account, this is all going to wind up as a bolt-on feature set to the same problem-plagued code we've always enjoyed. The same code that's besieged by legions of Penguin-worshipping malware makers with too much time on their hands.
So we consultant types will be waving around the $US80 per desktop Sophos or Symantec client software during a budget meeting, and some wise MBA will shout us down, showing the Microsoft banner button proclaiming "It's Free!" Then they'll fall for the low-cost server price tag while we halfheartedly keep waving around the same competition. That'll be the year that consultants better figure out some additional service offerings.
But eventually, some weenie in Bosnia or Mali will crank out a KillWinForFun bug that'll completely penetrate client security based on some semi-obvious flaw in Solitaire.
And therein lies our salvation: Customers will call Microsoft's tech line first and listen to a Japanese string quartet's rendition of Barry Manilow's greatest hits for 45 minutes. Then, ears bleeding, they'll call us. Now we get consulting dollars for scanning, wiping, recovering, locking stuff down, rewriting security policies, testifying at HIPAA inquests and divorce proceedings, and selling them the full-blown versions of real enterprise security packages. That'll be the year I take a vacation in California, and play Pebble Beach every day!
We just have to keep donating to future virus writers. The circle closes.