By Johna Till Johnson, Nemertes Research
February 10, 2005

The announced acquisition by Microsoft (Nasdaq: MSFT) of privately held Sybari Software for an undisclosed amount marks a heightened focus on protecting users from malware (SPAM, spyware, and viruses). This is significant for several reasons. Not only is malware costing enterprise organizations significantly in terms of productivity and IT time, it’s also hindering the adoption of next-generation productivity tools such as real-time communications dashboards, which hold the potential for dramatically improving enterprises’ top-line revenue and overall business agility.

Microsoft is clearly aware of this: In justifying the acquisition, the company explicitly stated that its goal is “to secure collaborative environments to enable businesses to foster collaboration among employees and with partners.” A worthy goal, and one we support.

But is the Sybari acquisition enough? We don’t think so. While Microsoft plans to build Sybari’s anti-malware capabilities into the next generation of Microsoft apps, IT execs shouldn’t assume the problem’s been solved. Designing inherently secure products requires an end-to-end architectural philosophy which Microsoft is still struggling to adopt. It will take more than a couple of strategic acquisitions to turn around Microsoft’s abysmal security track record, in other words. And Microsoft’s absorption of Sybari’s software into its own suites and OS will be a challenging task; in the past, such efforts have always taken Microsoft much longer than anticipated.

The complete Impact Analysis is available to Nemertes clients. For more information, please contact Chris Zimmerman at christine@nemertes.com