The big antivirus vendors were slow to react, partly because this was a different problem to tackle. Looking for a virus signature is one challenge; deciding whether an FTP program is genuine freeware or actually spyware simply masquerading as freeware is a completely different one. The gap in the market for a product to ease the growing headache for homes and businesses led to various companies launching antispyware programs. Some were good, some OK, and some were even spyware camouflaged as antispyware!
In these early days of the battle to get rid of spyware, the antispyware vendors struggled to keep up with the number of new spyware programs and the growing number of guises used to cloak a program's true intentions. When people started to review and compare the different antispyware offerings, they found that none could really find and successfully remove every infection. This is why many experts started to recommend people run two or three different antispyware programs in order to increase the chances that every malicious program would get detected.
Over the last few years, running antispyware software has become a widely recognized element of computer security best practices, and as a result, the bigger players in security have all developed their own antispyware programs, most of which come as part of their desktop security suite. As computer users have become more aware of the dangers of spyware, and vendors have developed a better understanding of how to tackle the problem, it is now probably safe to run just one antispyware program. (I used to run three antispyware programs myself only a few years ago.)
One disadvantage of choosing a security suite with an antispyware component is that the suite's firewall and antivirus protection may be quite good, but its antispyware may not be. The obvious alternative to a multifunction desktop security suite is to deploy various point products, each of which mitigates a particular type of risk. Deploying and managing separate applications, however, is complex and can prove inadequate if each is operated in isolation. Many enterprise network administrators feel they have too many applications to manage already. They all require staff to understand and maintain them, as well as time to analyze the data they produce. An integrated suite has a big advantage here when trying to get rid of spyware: information can be pooled to create more informative reports, while centralized administration allows policy rules and parameters to be set in one go, a far easier task than trying to enforce each policy across several different devices.
This was first published in January 2009