Security and Advertising
Periodically, I’ll get an email from a VC who is interested in investing in some type of new consumer Internet security startup and they want to know what I think of advertising as a business model for security businesses.
For background, OpenDNS is one of the fastest-growing enterprise security companies today (2012 was our third consecutive year of triple-digit sales growth), but it was founded back in 2005 as a consumer Internet company that provided a lot of security benefits and had a mostly advertising-based business model early on.
The short answer is that free security paid for by advertisers doesn’t work. The reasons are simple. Imagine wanting to provide the greatest protection and service possible to people. Then imagine having to compromise those aims in order to satisfy advertisers who want to use flash ads (notorious for exploits), third-party tracking cookies (a privacy no-no), pop-ups, pop-unders, spamvertisers, and countless other revenue-generating activities that erode the very basis for your services’ existence.
But this time it’ll be different, the VC tells me. They are going to create a “secure ad network.” Or something. I’ve heard it all before. It never lasts because you’re in this rat race to take the eyeballs you have and shake more nickels out of them. Getting more customers isn’t enough. Eventually you’ll need to start increasing your eCPMs or click-throughs. How do you increase CPMs? Shadier ads. How do you increase click-throughs? More ads, bigger ads, less obvious ads, etc.
At the end of the day, your customers lose, and they will leave you. Or, you’ll just make less money. It’s easy to say you’re willing to make less money when you’re making none. But when you’re making millions of dollars a year, it’s not so easy.
When we were faced with the decision of hurting the end-user experience or making less money, we chose another path. We decided to have people pay for the service if they felt it was worth it. That’s turned out to be one of the best decisions we ever made.
Here’s my advice for someone wanting to start a security company (or any business): Start a company where the service you provide is so good that the people using it want to pay you for it. It’s just a much easier transaction, and it tightly aligns your goals with your customers’.