Check IT List: How to prevent spyware

Spyware is not just a nuisance. It's a serious software problem that puts personal information at risk through spyware-enabled identity theft. Known as junkware or malware, it's installed on your computers to push ads, track Internet habits and perform other tricks. Sensitive business assets are vulnerable to keyloggers and other tracking applications. Computers slow down to a crawl, which leads to productivity drains on users and IT staff.

There's too much at stake at your business to not take preventive action. Here's what you can do to prevent your computers from becoming infected:

• Make a spyware protection company policy. To protect your business' best interests, anti-spyware protection should be required software on every computer. Just as you would require anti-virus software, if your organization takes information security seriously, this should be a breeze. If not, check out my SearchSMB.com webcast How to create a practical and effective e-mail security policiesfor some tips you can apply in this situation.

• Remember that you'll likely need more than one anti-spyware application. Regardless of what anti-spyware vendors claim, you almost always need more than one program to protect against a wide range of adware and spyware. Experts say the best protection you can get is only probably around 70% using a combination of the two leading anti-spyware programs.

• Aim for a centrally-managed anti-spyware solution if budget permits. I always advocate centrally-managed software for companies with more than just a handful of computers. Spyware protection is no different. There are several vendors, such as Webroot and CA, that offer such software. If you have roughly 10 or more Windows-based computers and want to save time, effort and money in the long-term, you should definitely consider this route.

• Use a layered-defense. The best defense against any information threat is a layered defense. You have a greater chance defending against spyware if you use anti-spyware software combined with anti-virus, personal firewall, and host anomaly detection/intrusion prevention software. You can even help prevent infections at your network perimeter by utilizing spam and content filtering for inbound email.

• Lock down your systems. A layer of spyware defense that deserves separate mention is to configure Windows and Internet Explorer to be more secure. There are simple things you can do that will make a world of difference. For starters, make sure your systems are configured to be "hardened" from the elements. Roberta Bragg has written extensively on this topic at SearchWindowsSecurity.com. These hardening tricks are very easy to implement, and you can even push a lot of them out via Active Directory Group Policies. Also, configure Internet Explorer (or whichever browser you use) to have pop-up blocker protection. This feature is built into most new browsers, and there are several well-known third-party applications for this. My favorite protection mechanism for Internet Explorer is the free Google toolbar. It not only blocks most pop-up ads that harbor spyware, it also serves as a quick and convenient way to perform Google queries while browsing the Internet.

• Use a more secure browser. Internet Explorer is a huge target for pop-ups, phishing scams, executable code and other nefarious hacker shenanigans. If possible, use a more secure Web browser such as Firefox or Opera. These browsers likely have 99% or more of the functionality your users need with much less baggage attached.

• Install anti-spyware protection before new computers are deployed. Rather than installing spyware protection and cleaning utilities after you suspect infections, put it on systems before they're deployed into the wild. For existing systems, simply install your favorite anti-spyware application such as Spybot Search and Destroy, Ad-Aware or PestPatrol (or a combination of two or more). Let the software clean your systems and simply keep it running full-time in the background to act as a preventative layer to keep your systems protected.

• Protect every Windows-based system on your network. Anti-spyware software is no longer just for workstations – it needs to be on servers, laptops and any system running Windows – regardless of whether or not they are networked. Windows is the OS of choice for most spyware infections (at least for now) so make sure every single Windows-based system has protection.

• Remember that remote users might not be receiving proper updates. If you have remote users, remember that their systems may not be receiving the proper anti-spyware and other software updates.

• Educate your users. User gullibility, ignorance and carelessness are the main causes for infection. People clicking "yes" or "OK" in pop-up windows allowing software to be installed opens up the floodgates. Downloading and running seemingly innocuous programs doesn't help the cause either. Educate your users on what to do and what not to do. Give them examples of what can happen when spyware infects a computer and how that relates to their every day job functions. It's amazing how much buy-in you can get using this technique.

• Read A wolf in sheep's clothing, an article within our Spyware series on the pros and cons of community-based spyware.
• Take our quiz, Is spyware getting the best of you? and test your spyware savvy.
• Visit our spyware resource center for the latest news and expert advice.

Kevin Beaver is an independent information security consultant, author, and speaker with Atlanta-based Principle Logic, LLC, where he specializes in information security assessments for those who take security seriously and incident response for those who don't. He is author and co-author of four information security books including the highly-successful Hacking for Dummies and the upcoming Hacking Wireless Networks for Dummies, both by Wiley Publishing. Kevin can be reached at kbeaver @ principlelogic.com.