Spyware has fast become the number one Internet security threat facing corporations, silently tracking surfing...
behaviour, keyboard strokes or worse. Compromised data, increased technical support and reduced productivity are all direct consequences of spyware infections. One problem system administrators face is that it is difficult to centrally scan and safely remove harmful files from networked computers as most spyware is also linked by registry entries, which need to be cleaned as well, and some threats actually need to be removed by using Windows Application Programming Interface functions. This means that antispyware tools need to be installed, configured and run on each machine in the same way as antivirus software.
One of the leading Windows-based antispyware tools is Spybot Search & Destroy, a freeware program that removes adware, spyware, dialers, keyloggers and Trojans. It works with the leading browsers and is compatible with many antivirus and other antispyware programs you may be running. It also includes various useful tools, reports and an integrated update function, which installs weekly updates. There are several advanced settings such as being able to exclude certain products, cookies and files types from searches, but what I really like about it is the detailed information given about any problems it finds. This is particularly important given the trouble that can follow removing incorrect files and registry settings.
For a small organization it's possible to install and configure Spybot on each PC, but for larger corporations this is not really an option as it would be too time consuming, and frankly, quite dangerous to allow users to configure it themselves. Thankfully there is Server for Spybot that allows you to create a centralized standard configuration for Spybot, schedule scans on client machines, and send scan reports to an administrator. Clients can also update themselves from your server thus avoiding the need for every client to download updates from the Internet. Unlike Spybot, this product is not free but as it greatly reduces network traffic and gives the administrator the ability to control the configuration of Spybot's advanced options, which finesse how it works, it is worth the cost.
As part of a corporate rollout, of Spybot I would run a Security Awareness course that highlights the problems of spyware and what users should do to avoid it. The course should also cover the Spybot software and its function so that users understand what it does and how to respond to any messages. Of course, anti-spyware should not be your only weapon against spyware. It must be used in conjunction with a firewall, an antivirus application, spam and pop-up blockers, and a well-enforced security policy.
Dig Deeper on Web application and API security best practices
Related Q&A from Michael Cobb
Android encryption on devices using Qualcomm chips can be broken due to two vulnerabilities. Expert Michael Cobb explains how these flaws affect ...continue reading
A flaw that allows attackers to load malicious DLL files in Symantec products was labeled as severe. Expert Michael Cobb explains the vulnerability ...continue reading
Mobile apps using insecure OAuth could lead to over one billion user accounts being attacked. Expert Michael Cobb explains how developers can ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.