Rousting spyware

Spyware -- a longstanding issue with privacy advocates and legislators -- is drawing increasing attention from security personnel who must contend with the security and productivity problems it poses.

Spyware is an umbrella term for two primary applications: annoying but legitimate adware programs, and clearly malicious tools like keystroke loggers, backdoors and sophisticated Trojans. The common characteristic among these programs is that they give third parties unauthorized access to a company's PCs and, by extension, its network.

As with all security issues, fighting spyware needs to be a classic combination of technology, policy, process and people. Enterprise-caliber products are new to the market, and corporations are just now paying serious attention to the problem.

Consider the available options:

Policy and education

Organizations that promote a strong security culture, with clear acceptable use policies, an aggressive user education program and, when needed, appropriate disciplinary action for noncompliance, are in better shape than most. Acceptable use policies should prohibit browsing Web sites that aren't work-related, installing unauthorized applications and, of course, opening suspicious or unsolicited e-mail attachments.

These restrictions are critical. Spyware frequently doesn't ask permission, not even deep within EULAs or in misleading pop-up downloads. "Drive-by downloads" install merely by visiting a Web site, installing an application or viewing an HTML e-mail message.

The problem is complicated by the growing number of remote users with high-speed Internet connections, wireless capability and easy remote LAN/WAN access. They use company equipment or home computers, which may not have reasonable security precautions in place, such as AV and personal firewalls.

In addition to user policies, security policies should include regular reviews of firewall policies to block unaut

To continue reading for free, register below or login

Requires Membership to View

To gain access to this and all member only content, please provide the following information (all fields required):

First Name:
Last Name:
Country: Select... Afghanistan Aland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory British Virgin Islands Brunei Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Congo, Democratic Republic of Cook Islands Costa Rica Cote D'Ivoire Croatia Cuba Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia, The Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard and McDonald Islands Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati Korea, North Korea, South Kuwait Kyrgyzstan Laos Latvia Lebanon Lesotho Liberia Libya Liechtenstein Lithuania Luxembourg Macau Macedonia Madagascar Malawi Malaysia Maldives Mali Malta Man, Isle of Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands Netherlands Antilles New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestine Panama Panama Canal Zone Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Reunion Romania Russia Rwanda Saint Helena Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and the Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia and Montenegro Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard Swaziland Sweden Switzerland Syria Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu U.S. Minor Outlying Islands Uganda Ukraine United Arab Emirates United Kingdom United States Uruguay Uzbekistan Vanuatu Vatican City Venezuela Vietnam Virgin Islands Wallis and Futuna Islands Western Sahara Yemen Zambia Zimbabwe
Email Address:

I would like to receive a FREE subscription to Information Security magazine online.
YesNo

Do you manage, evaluate, recommend, implement, support or purchase security products, software or services?
YesNo

Please estimate the yearly security budget for your entire organization including all security products and services.
Please select... Over $10 Million $5 Million-$10 Million $1 Million-$4.9 Million $500,000-$999,999 $100,000-$499,999 $50,000-$99,999 $25,000-$49,999 $10,000-$24,999 Less than $10,000 None

What is your role in purchasing IT related products and services? (Check all that apply)
Technical decision maker
Financial decision maker
Recommend/Specify
Evaluate products
Implement Products/Services
Determine Needs
Create Security Strategy
None

By joining SearchSecurity.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.

TechTarget cares about your privacy. Read our Privacy Policy

Antispyware technology

If you think your enterprise AV product is protecting your desktops against spyware, think again. In an Information Security lab test, traditional AV products did a dismal job detecting spyware and popular backdoor tools. Several vendors were reluctant to even touch adware because user consent raises liability issues over treating it as malware.

This isn't the case with antispyware vendors, whose products target everything from tracking cookies to keystroke loggers. There are a number of desktop products whose colorful names leave no doubt to their purpose: Spyware Eliminator by Aluria; AntiSpy by OmiQuad; SpySubtract by Intermute; SpyRemover by Infoworks Technology Company; SpyHunter by Enigma Software Group; and BPS Spyware Remover by Bullet Proof Soft. Patrick Kolla's Spybot-Search & Destroy is a popular freeware tool.

But, even these specialized products have only partial success. Some spyware is notoriously difficult to remove. For example, they'll install multiple copies or even reinstall deleted files. Your best strategy is to install multiple security products to create a layered defense.

These solutions are designed for home users or individual corporate desktops. And, like early desktop AV, they lack the enterprise management tools that companies require.

Some companies are filling this gap. PestPatrol Corporate Edition and Webroot's Spy Sweeper Enterprise each feature a management console that controls installation, deployment and administration. Ad-Aware Pro also includes central management features.

McAfee and Symantec, the 800-pound gorillas in the AV market, are giving spyware serious attention. McAfee has released a stand-alone desktop product, McAfee Antispyware, and Symantec is incorporating antispyware technology into its newest release of Norton Internet Security.

In addition, the proliferation of Web-based attacks and remote users has spawned a growing market of endpoint products that check security compliance before letting remote and/or LAN-based computers on the network.

With all that can be done about spyware, it's disheartening to point out that it's yet another security issue that needs attention. Enterprises should add spyware to the list of security threats to be addressed by their endpoint security products.

This tip was excerpted from an article in our sister publication, Information Security. Read the full article here.

About the author
David Geer (David@GeerCom.com) is a freelance technology writer based in Ohio.