I take the stage today to share some insights on “Awareness that Works” – live in Nashville, TN. In the event you were unable to join me in Nashville (or even if you did), we can keep the conversation going tomorrow during the first Catalyst Live! talkcast:

Join me on Friday – September 19^th – at 2pm ET (11am PT) for Catalyst Live! – a live chat hosted by Michael Santarcangelo. This week, we look deeper into my recent freeware experience and welcome Dave Cole from Symantec to the call.

I’ll be monitoring twitter and the talkshoe client during the call, allowing us to field live calls, chats and instant messages. Participate in the conversation!

Join In!

Join the conversation on TalkShoe by using the spiffy browser-only client. For the more adventurous, check out the shiny TalkShoe Pro Java client.

To listen and join in – including to ask questions and engage in the conversation, launch your browser an click here: http://www.talkshoe.com/tc/25233 on Friday at 2pm ET.

Call in on regular phone or VOIP lines: dial (724) 444-7444 and enter the talkcast ID, 25233.

Join me on Friday – September 19^th – at 2pm ET (11am PT) for Catalyst Live! – a live chat hosted by Michael Santarcangelo. This week, we look deeper into my recent freeware experience and welcome Dave Cole from Symantec to the call.

I’ll be monitoring twitter and the talkshoe client during the call, allowing us to field live calls, chats and instant messages. Participate in the conversation!

Join In!

Join the conversation on TalkShoe by using the spiffy browser-only client. For the more adventurous, check out the shiny TalkShoe Pro Java client.

To listen and join in – including to ask questions and engage in the conversation, launch your browser an click here: http://www.talkshoe.com/tc/25233 on Friday at 2pm ET.

Call in on regular phone or VOIP lines: dial (724) 444-7444 and enter the talkcast ID, 25233. 

Is freeware really free?

Threats change. Solutions evolve. We no longer only face viruses, but now must contend with a multitude of attacks and other “bad things.” Whether speaking from the platform or offering our “Building Your Family Safety Net” seminar, here are the most important five actions for home computer protection (we handle networking and other elements in a different segment):

1.     Install and use a personal firewall

2.     Install and use anti-virus (and other protections, like anti-spyware, etc.)

3.     Select and use good passwords

4.     Use a regular user account instead of the administrative account

5.     Backup (and test) regularly

After sharing the list, a common question asked is, “What programs and brand should I use to protect my computer? From the platform, I work to remain neutral on brands and explain that using the solution is what counts – by keeping the program updated. That extended to freeware solutions, too. After all, this was a way to remain independent and still provide value, right?

Turns out my education is in social science with an emphasis on applied economics. Along the way, I wondered, out loud, if freeware was actually free. Economically speaking – which makes more sense – paying for a solution or building a “suite” to protect a PC from freely available solutions?

I recently had the opportunity to step back, put myself in the shoes of a user and experience the difference between piecing together a freeware suite versus a paid solution. This was a chance to step outside of my own expertise and beliefs and approach the situation with a fresh mind. As a professional speaker, I questioned whether I should be staying neutral and agnostic, or if I could provide more insights to help people make a better decision.

My experience and findings actually surprised me – and shifted not only my thinking, but also the recommendations I make from the platform and when working with family, friends and groups of people. Keep reading to learn about my experience in learning that freeware isn’t free, and actually may cost more – and create more hassle – than a current paid solution.

====

Quick note: I will be releasing a podcast with more insights tomorrow, along with the final report from my efforts. Check back for links and insights tomorrow.

The Throw Down

After attending a highly charged event hosted by Symantec, we got into a lengthy discussion about freeware. I candidly shared my approach and the impressions I held about the efficacy of freeware solutions. During the conversation, I was challenged to take an objective look at the user experience of building and using a suite of freeware solutions to match Norton Internet Security 2008. I agreed.

Note: I was compensated for my time on this effort – but tested on my own hardware and was left to record my own experiences. My independence and freedom of thought is important to me (and you).

Testing as a User

First – it is important to note that I tested this experience through the lens of a user. While I cannot simply set aside my technical experience – I avoided taking shortcuts and glossing over challenges. Instead, I forced myself to read, consider, accept default choices and otherwise work through the programs as intended by the development teams.

I took notes, captured screens and recorded how much time I spent on various tasks. Unlike a lab situation conducting a technical evaluation, I was less concerned with total processor usage, memory usage and footprint. Primary (and almost exclusively) I focused on experience and whether I would be recommending a solution to thousands of people that actually enhanced their experience (while making them safer) or created additional burdens to them (with the potential of reducing their security).

My Test Environment

•       Windows XP Professional, Service Pack 2
•       Fully patched and loaded from a fresh install
•       Internet Explorer 7 installed (and with it, Windows Defender)
•       NO OEM software installed

NO additional programs were installed prior to testing. The idea was to replicate a fresh environment that would be a common experience for a user.

The Freeware Suite

•       AVG Free
•       LavaSoft Ad Aware
•       Zone Alarm Free

I downloaded the most recent versions of the programs from their respective websites and used them on my personal computer.

Initial Findings (to my surprise)

•       The install took me about 4 hours from start to finish. That included finding, downloading, installing and configuring the programs
•       Once installed – could not connect to the Internet; spent 10-20 minutes troubleshooting and was forced to revert to my technical training.
•       Solution was a combination of configuration checks and reboots
•       Bottom line: no warning messages, no indicators but the firewall (or combination) blocked everything. If that had been my family or someone I recommended the freeware suite to, they surely would have held me in low regard!

Time Value of Money (and the cost of upgrade)

To calculate your hourly rate, take your salary (in thousands), drop the last three zeros and divide the rest in half. If you make $40,000 per year, your hourly rate would be 40 divided by 2 or $20/hour.

Trouble-shooting aside, it took me four hours to install, at a cost of $80 (using the estimate above; personally, it cost a bit more). I could have bought NIS 2008 on sale for $60, had coverage for three machines and been done in 30 minutes. Straight up, I see an advantage to paid solutions like NIS 2008 over freeware.

Depending on how you value time and money, NIS 2008 may or may not be the less expensive solution, but what about the user experience? And what does that count for?

The Perspective of my Family

Growing up, my Mom would tell me that when faced with a tough exam, prepare like I was going to explain it to her. My folks are smart, but it’s a good benchmark for how something will work (or not).

Some family members just started a garden center. They asked me for advice on how to best protect their laptop (actually one of our retired laptops). When setting it up for them, I quickly updated the software and checked settings. When it came time to install virus (and other) protection, I noted two things: (1) most of the freeware suites cannot be used for commercial purposes, and (2) I couldn’t imagine supporting them from afar with the suites based on my testing.

Having them buy AVG, Zone Alarm and Lava Soft was more expensive that NIS 2008. So we got and installed NIS 2008 for them. It was quick, easy and even pointed out some settings to further enhance security. I haven’t fielded a question yet.

My New Advice from the Platform

My reputation matters – especially now that I work with schools and families during the onTour events. As a result of taking a step back and really considering the experience of those that rely on my advice, I have revised my guidance to the following:

If you are technically competent and already using a freeware cocktail – I have no qualms about your continued use. However, when the other parents at my son’s school ask about freeware – I answer by asking them a question about the value of their time – and if they would prefer ease, convenience and a support line, if needed. I have yet to be told no. In that case, I suggest they consider a paid solution; which brand is a different discussion

About Michael Santarcangelo

Michael J. Santarcangelo, II is a human catalyst. An expert who speaks on information protection – including compliance, privacy and awareness – Michael energizes and inspires his audiences to change the way they protect information. His passion and approach gets results that change behaviors.

As the voice of optimism in an industry of doomsayers, Michael has recently completed his first book, Into the Breach (www.intothebreach.com), which provides the wisdom and answers executives need to defend their organization against breaches while discovering how to increase revenue, protect the bottom line and efficiently manage people, information and risk.

Michael is currently taking his message of optimism on the road with the Catalyst onTour (www.catalystontour.tv) , a cross-country speaking and book tour to guide businesses and families to greater security.