|
With companies increasingly opening their networks to partners and customers, blurring the distinction between trusted visitors and unwelcome intruders, spyware is running rampant, and rapidly becoming a major issue for enterprise organizations and smallâmidsize businesses (SMBs). Add to this the security risks that come with a growing mobile workforce, and the threat of spyware compounds exponentially.
Spyware and malware are silent, malicious software programs that are installed on a PC -- without the userâs knowledge or consent -- that may perform some type of undesirable activity on the system, such as infecting corporate desktops, sapping bandwidth, affecting productivity and driving up help desk calls. Users can be exposed to spyware through a software virus or worm infection -- often unwittingly communicated via email -- by installing a new program or even by visiting a web site. Once installed, these programs work diligently to gather information about a computer or system without the userâs knowledge.
The purpose of spyware is usually to steal personal information, enabling unknown parties to engage in identity theft, tracking users' online activity, and selling the information to others for profit. This is a tremendous threat to personal and enterprise security.
Particularly at risk are industries like healthcare, insurance and financial services because they deal with large volumes of sensitive data. The repercussions of compromised data can extend past federal regulations and may include liability for violating non-disclosure agreements, compromising competitive advantage, and exposing employees and corporations to many types of fraud.
Even when spyware is not malicious in nature, it still causes significant damage to legitimate software, network performance and employee productivity. Users who have been infected with spyware are often plagued by pop-ups and may experience significant slow-downs in system performance. They might find their searches going to strange sites or that another search page has taken over. In severe cases, the computer may become nearly unusable.
When this happens, IT support staff is called away from their normal duties, and forced to take apart and rebuild computers as they become so riddled with spyware that they no longer function properly.
Fighting Back
Current firewall and antivirus technologies are not designed to detect, remove or outwit spyware. Firewalls do not effectively block infections because spyware is often embedded in programs that users willingly download. Once installed on a system, spyware applications disguise themselves as trusted programs, allowing them to communicate freely with the Internet over TCP ports that are commonly left unprotected on firewalls.
Todayâs antivirus tools fail to detect spyware because it does not include the viral methods of reproduction or behaviors detected by normal antivirus pattern recognition techniques. In addition, most spyware programs bring with them hundreds, if not thousands, of additional âtraces.â Often times, removing only the spyware executable file leaves pieces behind that reproduce if left undetected.
Organizations will need to invest in additional technology to combat this problem. In the last few years, multiple anti-spyware products have been introduced to the marketplace. However, these tools have been designed for desktop users and have not been scalable to corporations. In light of this, most experts recommend that employees use two or three different anti-spyware programs to find and remove as much spyware as possible from their computers. This haphazard approach, however, is not enough to solve such a widespread problem.
Tips & Tricks
To help decrease the risk of spyware, businesses should utilize the following checklist:
1 Develop and enforce an acceptable use policy. Regularly communicate computer usage rules to all employees through awareness training.
2 Use domain security policies. Restrict users from installing software. Do not give administrator access to users.
3 Set employee browsers to at least a medium-level security settings. Block active content that may automatically launch applications within an employeeâs web browser.
4 Include spyware in the overall security risk assessment and deploy the right tools on the network. Firewalls, network intrusion detection and intrusion prevention systems can help companies protect their networks by detecting and blocking nefarious network traffic.
5 Deploy host-based tools on PCs. Install software to prevent viruses and spyware on employee PCs. Set personal firewalls and host-based intrusion prevention systems for further security at the PC level.
6 Harden the operating system and keep patches up-to-date.
Remote workers relying on alternate networks such as public hot spots and public wireless access networks expose corporate systems to security risks as well, because oftentimes they cannot guarantee the security of their Internet surroundings. Additionally, remote workers are often a burden on IT help desks, since a technician cannot be dispatched to assist mobile workers in person.
For the remote worker using a home PC or mobile device, users should mind the following rules:
1 Be able to recognize popular spyware tactics. Do not download suspect software or launch unfamiliar attachments. Adopt the mantra âBe careful what you click on.â
2 Understand and communicate the risk to everyone in your home. Parents should educate kids about spyware as part of Internet safety. Despite this education, parents should not expect their kids to listen and should take further action to help prevent spyware.
3 Set your browser to a medium-level security setting.
4 Though Internet providers are starting to add security services, it is important to deploy additional security software on all PCs. Users should install software to prevent viruses and spyware. Personal firewalls can further thwart outsiders from accessing your private data and prevent applications from sending data out.
5 Automate as much as possible. Use Windows Update, a consumer site that provides critical updates, security fixes, and software downloads to keep Windows patched and current. Use the auto update features of your anti-virus or anti-spyware software. Set up automated scans on a weekly basis and scan incoming emails as they arrive.
6 Use the right tools to protect yourself. Download and install tools like Ad-Aware, Spybot, SpywareBlaster and Spy Sweeper in addition to anti-virus software; many of these are free.
While no method can provide 100 percent protection, these simple steps can lessen the risk the computer user faces from the growing threat of spyware.
About the Author
Chris Thatcher is the security practice manager for Dimension Data North America. He can be reached at
.
Go Back
|
