Tip

Check IT List: How to prevent spyware


What you will learn from this tip: What you can do to prevent your computers from becoming infected.

Spyware is not just a nuisance. It's a serious software problem that puts personal information at risk through

    Requires Free Membership to View

spyware-enabled identity theft. Known as junkware or malware, it's installed on your computers to push ads, track Internet habits and perform other tricks. Sensitive business assets are vulnerable to keyloggers and other tracking applications. Computers slow down to a crawl, which leads to productivity drains on users and IT staff.

There's too much at stake at your business to not take preventive action. Here's what you can do to prevent your computers from becoming infected:

  • Make a spyware protection company policy. To protect your business' best interests, anti-spyware protection should be required software on every computer. Just as you would require anti-virus software, if your organization takes information security seriously, this should be a breeze. If not, check out my SearchSMB.com webcast How to create a practical and effective e-mail security policiesfor some tips you can apply in this situation.

  • Remember that you'll likely need more than one anti-spyware application. Regardless of what anti-spyware vendors claim, you almost always need more than one program to protect against a wide range of adware and spyware. Experts say the best protection you can get is only probably around 70% using a combination of the two leading anti-spyware programs.

  • Aim for a centrally-managed anti-spyware solution if budget permits. I always advocate centrally-managed software for companies with more than just a handful of computers. Spyware protection is no different. There are several vendors, such as Webroot and CA, that offer such software. If you have roughly 10 or more Windows-based computers and want to save time, effort and money in the long-term, you should definitely consider this route.

  • Use a layered-defense. The best defense against any information threat is a layered defense. You have a greater chance defending against spyware if you use anti-spyware software combined with anti-virus, personal firewall, and host anomaly detection/intrusion prevention software. You can even help prevent infections at your network perimeter by utilizing spam and content filtering for inbound email.

  • Lock down your systems. A layer of spyware defense that deserves separate mention is to configure Windows and Internet Explorer to be more secure. There are simple things you can do that will make a world of difference. For starters, make sure your systems are configured to be "hardened" from the elements. Roberta Bragg has written extensively on this topic at SearchWindowsSecurity.com. These hardening tricks are very easy to implement, and you can even push a lot of them out via Active Directory Group Policies. Also, configure Internet Explorer (or whichever browser you use) to have pop-up blocker protection. This feature is built into most new browsers, and there are several well-known third-party applications for this. My favorite protection mechanism for Internet Explorer is the free Google toolbar. It not only blocks most pop-up ads that harbor spyware, it also serves as a quick and convenient way to perform Google queries while browsing the Internet.

  • Use a more secure browser. Internet Explorer is a huge target for pop-ups, phishing scams, executable code and other nefarious hacker shenanigans. If possible, use a more secure Web browser such as Firefox or Opera. These browsers likely have 99% or more of the functionality your users need with much less baggage attached.

  • Install anti-spyware protection before new computers are deployed. Rather than installing spyware protection and cleaning utilities after you suspect infections, put it on systems before they're deployed into the wild. For existing systems, simply install your favorite anti-spyware application such as Spybot Search and Destroy, Ad-Aware or PestPatrol (or a combination of two or more). Let the software clean your systems and simply keep it running full-time in the background to act as a preventative layer to keep your systems protected.

  • Protect every Windows-based system on your network. Anti-spyware software is no longer just for workstations – it needs to be on servers, laptops and any system running Windows – regardless of whether or not they are networked. Windows is the OS of choice for most spyware infections (at least for now) so make sure every single Windows-based system has protection.

  • Remember that remote users might not be receiving proper updates. If you have remote users, remember that their systems may not be receiving the proper anti-spyware and other software updates.

  • Educate your users. User gullibility, ignorance and carelessness are the main causes for infection. People clicking "yes" or "OK" in pop-up windows allowing software to be installed opens up the floodgates. Downloading and running seemingly innocuous programs doesn't help the cause either. Educate your users on what to do and what not to do. Give them examples of what can happen when spyware infects a computer and how that relates to their every day job functions. It's amazing how much buy-in you can get using this technique.


More Information


Kevin Beaver is an independent information security consultant, author, and speaker with Atlanta-based Principle Logic, LLC, where he specializes in information security assessments for those who take security seriously and incident response for those who don't. He is author and co-author of four information security books including the highly-successful Hacking for Dummies and the upcoming Hacking Wireless Networks for Dummies, both by Wiley Publishing. Kevin can be reached at kbeaver @ principlelogic.com.

This tip orginally appeared on sister site SearchSMB.com

This was first published in May 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.