Advice on stopping snooping software compromising corporate systems
Spyware is software that is installed without the user's permission
and which covertly gathers and transmits data about how a computer
is being used. On a corporate system, it can be a security risk and
slowdown the network - and no computer connected to the internet is
immune.
The following are recommendations on how IT managers should deal
with the growing problem of spyware.
The first step is to carry out a health check on your systems to
find out how big the problem is in your organisation. Specialist
software packages can assess how much data is transmitted via
spyware and which users are infected.
However, software writers often go to considerable lengths to hide
the fact that their products include spyware, so it may not be
immediately obvious whether there is any on a PC. Check the small
print of the licence agreement before installing any freeware or
shareware.
Organisations should also get into the habit of uninstalling any
software that is not regularly used. Some of the most common
spyware applications include Gator (also known as Gain), Bonzibuddy
and Comet Cursor, each of which is included with many freeware and
shareware products. If these products are mentioned in any of the
programs you use, your computer is probably infected with at least
one spyware tool.
Spyware programs are not viruses, so installing anti-virus software
does not fully protect you from spyware. Check out the privacy
policy on the websites of the software you use to find out what
they use the collected information for.
Many spyware programs communicate through the same internet port as
general web traffic, thus making it very difficult to block data
transmission using a firewall. By using internet filtering software
that includes a sophisticated spyware filter, you can stop programs
from sending data back to their host servers.
It is also worth considering using software that automatically
prevents users from downloading and running programs that contain
spyware. It will also ensure that any spyware application already
installed on the user's PC is unable to run, and thus stops it from
transmitting confidential information.
IT managers should raise awareness about spyware across the
business and help educate end-users about the risks it poses. This
education should spread from the board down to the lowest tier of
the organisation, as anyone who has access to computer equipment
can be inadvertently putting the company at risk.
IT managers should also ensure that provisions for spyware are
included in the company internet use policy. Spyware presents such
a high risk to confidentiality and intellectual property that these
responsibilities should not be delegated, and should be grasped
before damage occurs.
Checking for spyware is in itself a challenging task. Some software
will check and remove spyware from individual systems, but these
often require manual effort. Spyware developers are always looking
to circumvent spyware-checking programs so the IT department is
always playing catch up. As with all security threats, a layered
approach is recommended.
Frank Coggrave is UK regional director at
Websense