Manage Learn to apply best practices and optimize your operations.

Using Spybot Search & Destroy in a corporate setting

Learn more about this Windows-based tool and how this freeware program can help organizations protect their network from spyware.

I often hear Spybot Search & Destroy touted in forums such as IT Knowledge Exchange. What are the benefits of using Spybot and is it really a viable solution for an enterprise setting?

Spyware has fast become the number one Internet security threat facing corporations, silently tracking surfing behaviour, keyboard strokes or worse. Compromised data, increased technical support and reduced productivity are all direct consequences of spyware infections. One problem system administrators face is that it is difficult to centrally scan and safely remove harmful files from networked computers as most spyware is also linked by registry entries, which need to be cleaned as well, and some threats actually need to be removed by using Windows Application Programming Interface functions. This means that antispyware tools need to be installed, configured and run on each machine in the same way as antivirus software.

One of the leading Windows-based antispyware tools is Spybot Search & Destroy, a freeware program that removes adware, spyware, dialers, keyloggers and Trojans. It works with the leading browsers and is compatible with many antivirus and other antispyware programs you may be running. It also includes various useful tools, reports and an integrated update function, which installs weekly updates. There are several advanced settings such as being able to exclude certain products, cookies and files types from searches, but what I really like about it is the detailed information given about any problems it finds. This is particularly important given the trouble that can follow removing incorrect files and registry settings.

For a small organization it's possible to install and configure Spybot on each PC, but for larger corporations this is not really an option as it would be too time consuming, and frankly, quite dangerous to allow users to configure it themselves. Thankfully there is Server for Spybot that allows you to create a centralized standard configuration for Spybot, schedule scans on client machines, and send scan reports to an administrator. Clients can also update themselves from your server thus avoiding the need for every client to download updates from the Internet. Unlike Spybot, this product is not free but as it greatly reduces network traffic and gives the administrator the ability to control the configuration of Spybot's advanced options, which finesse how it works, it is worth the cost.

As part of a corporate rollout, of Spybot I would run a Security Awareness course that highlights the problems of spyware and what users should do to avoid it. The course should also cover the Spybot software and its function so that users understand what it does and how to respond to any messages. Of course, anti-spyware should not be your only weapon against spyware. It must be used in conjunction with a firewall, an antivirus application, spam and pop-up blockers, and a well-enforced security policy.

More information

  • Take a quiz to find out if spyware is getting the best of you.
  • Use this step-by-step checklist for cleaning systems of pesky spyware.
  • Visit our resource center for more tips and expert advice on spyware prevention.

  • This was last published in August 2005

    Dig Deeper on Web application and API security best practices

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.