Can one antivirus program be used to get rid of spyware?

I've heard experts recommend using two or three programs to locate and get rid of spyware. Is this necessary? Can any one package be trusted to allow program-level monitoring of outbound traffic while also watching for known spyware activity?

Although the term spyware first appeared in 1995, it wasn't until the early 2000s that it started to become a security issue affecting everyone. By this time antivirus programs had become reasonably sophisticated and their use fairly widespread. However, the dramatic surge in the number of spyware programs being written, and their increasingly malevolent goals, caught security vendors off guard. Spyware writers made full use of social engineering techniques to get their programs installed -- free software, amazing offers, and enticing emails, to name just a few. Almost overnight, computer users, both business and home, were reporting slow machines, odd behavior and a drop in Internet connection speeds, all results of spyware hogging the computer's resources and bandwidth.

The big antivirus vendors were slow to react, partly because this was a different problem to tackle. Looking for a virus signature is one challenge; deciding whether an FTP program is genuine freeware or actually spyware simply masquerading as freeware is a completely different one. The gap in the market for a product to ease the growing headache for homes and businesses led to various companies launching antispyware programs. Some were good, some OK, and some were even spyware camouflaged as antispyware!

In these early days of the battle to get rid of spyware, the antispyware vendors struggled to keep up with the number of new spyware programs and the growing number of guises used to cloak a program's true intentions. When people started to review and compare the different antispyware offerings, they found that none could really find and successfully remove every infection. This is why many experts started to recommend people run two or three different antispyware programs in order to increase the chances that every malicious program would get detected.

Over the last few years, running antispyware software has become a widely recognized element of computer security best practices, and as a result, the bigger players in security have all developed their own antispyware programs, most of which come as part of their desktop security suite. As computer users have become more aware of the dangers of spyware, and vendors have developed a better understanding of how to tackle the problem, it is now probably safe to run just one antispyware program. (I used to run three antispyware programs myself only a few years ago.)

One disadvantage of choosing a security suite with an antispyware component is that the suite's firewall and antivirus protection may be quite good, but its antispyware may not be. The obvious alternative to a multifunction desktop security suite is to deploy various point products, each of which mitigates a particular type of risk. Deploying and managing separate applications, however, is complex and can prove inadequate if each is operated in isolation. Many enterprise network administrators feel they have too many applications to manage already. They all require staff to understand and maintain them, as well as time to analyze the data they produce. An integrated suite has a big advantage here when trying to get rid of spyware: information can be pooled to create more informative reports, while centralized administration allows policy rules and parameters to be set in one go, a far easier task than trying to enforce each policy across several different devices.

This was first published in January 2009