McAfee overpaid big time for SafeBoot

While we East Coast folks celebrated Columbus Day, McAfee announced its acquisition of privately held SafeBoot for $350 million. SafeBoot provides software for file and full disk encryption.

Now, I certainly understand the rationale behind this deal. McAfee can now bundle encryption software into its PC security software and integrate key management into its ePolicy Orchestrator (ePO). We saw this same market consolidation pattern a few years ago with antispyware, which went from a stand-alone product to an integrated feature in endpoint security suites. In that transition, CA bought antispyware vendor Pest Patrol, while Microsoft grabbed Giant. Obviously, the same type of market dynamics are at work here.

What makes no sense at all to me, however, is the price tag. Three hundred and fifty million dollars? Holy cow!

Software-based disk encryption has about two years of runway ahead of it, then the market tanks. Why? In that time frame users will opt for hard-drive-based encryption from Seagate Technology, Western Digital and the like, or it will be based upon Windows Vista BitLocker. These products will be baked into new laptops one way or the other. No encryption utilities to install, with no fuss.

My view is that the hard-drive guys win, but it's pretty certain that the software-based utilities lose, regardless. Most of these software vendors are already planning for this inevitability by developing heterogeneous key management capabilities or expanding their product focus to non-PC devices.

McAfee is selling this deal to Wall Street by saying that it bought a market leader with more than 100 million desktops under management in 20 different languages and 76 countries. OK, but who cares? McAfee brings way more brand recognition and leadership to the table than SafeBoot ever could. Any full-disk encryption software bundled into McAfee would do the job just fine. McAfee could have paid a fraction of $350 million and bought someone--Voltage, Utimaco, PC-encrypt, etc.--and gotten the same functionality. Heck, it could have used open PGP and done it for free!

In summary, I like the strategy but not the financial execution. While a few investment bankers and SafeBoot executives are laughing all the way to the bank, I can think of a half dozen companies that McAfee could have purchased that would bring in more future upside than SafeBoot.