Spyware is not just a nuisance. It's a serious software problem that puts personal information at risk through spyware-enabled identity theft. Known as junkware or malware, it's installed on your computers to push ads, track Internet habits and perform other tricks. Sensitive business assets are vulnerable to keyloggers and other tracking applications. Computers slow to a crawl, which leads to productivity drains on users and IT staff.
There's too much at stake at your business to not take preventive action. Here's what you can do to prevent your computers from becoming infected:
Make a spyware protection company policy. To protect your business' best interests, antispyware protection should be required software on every computer. Just as you would require antivirus software, if your organization takes information security seriously, this should be a breeze. If not, check out my SearchSMB.com webcast
- How to create a practical and effective e-mail security policies for some tips you can apply in this situation.
Remember that you'll likely need more than one antispyware application. Regardless of what antispyware vendors claim, you almost always need more than one program to protect against a wide range of adware and spyware. Experts say the best protection you can get is probably around only 70% using a combination of the two leading antispyware programs.
Aim for a centrally managed antispyware solution if the budget permits. I always advocate centrally managed software for companies with more than just a handful of computers. Spyware protection is no different. There are several vendors, such as Webroot Software Inc. and Computer Associates International Inc., that offer such software. If you have roughly 10 or more Windows-based computers and want to save time, effort and money in the long term, you should definitely consider this route.
Use a layered defense. The best defense against any information threat is a layered defense. You have a greater chance defending against spyware if you use antispyware software combined with antivirus, personal firewall and host anomaly detection/intrusion prevention software. You can even help prevent infections at your network perimeter by utilizing spam and content filtering for inbound email.
Lock down your systems. A layer of spyware defense that deserves separate mention is to configure Windows and Internet Explorer to be more secure. There are simple things you can do that will make a world of difference. For starters, make sure your systems are configured to be "hardened" from the elements. Roberta Bragg has written extensively on this topic at SearchWindowsSecurity.com. These hardening tricks are very easy to implement, and you can even push a lot of them out via Active Directory Group Policies. Also, configure Internet Explorer (or whichever browser you use) to have pop-up blocker protection. This feature is built into most new browsers, and there are several well-known third-party applications for this. My favorite protection mechanism for Internet Explorer is the free Google toolbar. It not only blocks most pop-up ads that harbor spyware, but it also serves as a quick and convenient way to perform Google queries while browsing the Internet.
Use a more secure browser. Internet Explorer is a huge target for pop-ups, phishing scams, executable code and other nefarious hacker shenanigans. If possible, use a more secure Web browser such as Firefox or Opera. These browsers likely have 99% or more of the functionality your users need with much less baggage attached.
Install antispyware protection before new computers are deployed. Rather than installing spyware protection and cleaning utilities after you suspect infections, put it on systems before they're deployed into the wild. For existing systems, simply install your favorite antispyware application such as Spybot Search and Destroy, Ad-Aware or PestPatrol (or a combination of two or more). Let the software clean your systems and simply keep it running full time in the background to act as a preventative layer to keep your systems protected.
Protect every Windows-based system on your network. Antispyware software is no longer just for workstations -- it needs to be on servers, laptops and any system running Windows, regardless of whether or not they are networked. Windows is the operating system of choice for most spyware infections (at least for now), so make sure every single Windows-based system has protection.
Remember that remote users might not be receiving proper updates. If you have remote users, remember that their systems may not be receiving the proper antispyware and other software updates.
Educate your users. User gullibility, ignorance and carelessness are the main causes for infection. People clicking "yes" or "OK" in pop-up windows allowing software to be installed opens the floodgates. Downloading and running seemingly innocuous programs doesn't help the cause either. Educate your users on what to do and what not to do. Give them examples of what can happen when spyware infects a computer and how that relates to their everyday job functions. It's amazing how much buy-in you can get using this technique.
Kevin Beaver is an independent information security consultant, author and speaker with Atlanta-based Principle Logic LLC, where he specializes in information security assessments for those who take security seriously and incident response for those who don't. He is author and co-author of four information security books, including the highly successful Hacking for Dummies and the upcoming Hacking Wireless Networks for Dummies, both by Wiley Publishing. Kevin can be reached at firstname.lastname@example.org.
Do you have comments on this tip? Let us know.
This was first published in May 2005