The Real Cost of Free Cybersecurity Software
The best things in life may be free, but more often than not, you get what you pay for.
That’s especially true when dealing with software and, as the Heartbleed bug showed us, there can be significant costs involved with using free software. And we’re not even talking about piracy – which has its own set of dangers.
Free software seems like an easy way to reduce costs but it comes with a host of security concerns. Is a compromised network worth saving a few dollars on licensing fees?
In this post, we will discuss some of the pitfalls of free software so you can carefully consider where to direct investments into your cybersecurity plan, ensuring your company's data and systems are protected. We have identified the following areas:
Bugs are a fact of life with software development, which is why quality assurance is so important. It’s also expensive, which means free software applications rarely get extensive QA testing. This makes end users the default beta testers and, while your compromised network might help the developer make his next version better, it’s rarely worth the additional costs.
OpenSSL – the software exploited by Heartbleed – was a free, open-source tool used by a large percentage of websites. It was maintained by one full-time developer, a few part-time contributors, and the generosity of a handful of people and organizations. That doesn’t leave much of a budget for QA and while OpenSSL had the tools to patch itself quickly when a vulnerability was discovered, many free software applications can’t even muster that.
It may cost you nothing to download but the software does cost something to build. For some, the joy of creating something useful is compensation enough. For most, however, there are less wholesome ways to recoup the costs of software development and earn some profit. There’s also money to be made selling your personal information, whether it’s the email address you entered while registering or data on how you’re using the application once it’s installed.
Many free pieces of software are also bundled with additional applications which the developer has been paid to include. For example, Adobe’s free products get bundled with Chrome and McAfee unless you opt-out. Things like this can slow down your system, or alter how your PC behaves if you are not careful and miss the checkbox.
Developers are rarely designers and, while it gets the job done, free software is rarely as easy to use as its paid counterparts. This might not seem like a serious issue, but it can really impact efficiency and user adoption. Is a piece of software really free if it’s costing you time every day?
Lack of Support
Support takes two forms; support for the product in the form of updates and assistance with issues you encounter while using a piece of software. Free offerings are typically lacking in both of the above since there’s no guarantee the developer is still interested in working on the product. Even if they are, they aren’t obliged to respond to issues or maintain a regular update schedule.
If an application is widely used, you can probably find communities on the internet that will help you troubleshoot. However, you need to factor that lost time into the cost of the application and, if you’ve ever tried to troubleshoot an IT issue on a web forum, you know they’re not always reliable.
Now, not all free software is affected by all of these issues but, as we’ve seen with the end of Windows XP, it doesn’t take long for unsupported software to become vulnerable. It’s true that paid versions aren’t always perfect, but you have leverage and the developer has a vested interest in keeping you happy.
What's the Solution?
While there are many out there, Stoneridge Software has a robust Managed Services department that can help you manage your cybersecurity plan or migrate your on-premise systems to Microsoft Azure.
Please reach out to us if you want to learn more. Our Managed Services experts are ready to help you protect your company.