Spyware threatens corporate integrity, customer trust

A recent survey of more than 500 IT managers found that an overwhelming majority ranked spyware among their top three IT priorities for 2005.

Eighty-seven per cent of participants also believe the spyware problem will get worse before it gets better, according to the survey, which was conducted

online last month by TechRepublic, an Web-based resource for IT professionals. The survey was commissioned by security vendor Trend Micro Inc.

While 45 per cent of small enterprises (fewer than 500 employees) and 57 per cent of large enterprises (more than 500 employees) believe anti-spyware is most effectively deployed at the gateway, only 15 per cent of small businesses and 26 per cent of large businesses have it deployed there, the survey reported.

“”They are not on top of spyware,”” said Jack Marsal, senior product marketing manager, Trend Micro. “”Spyware has changed over the last year to year and a half and become much more of a problem with the addition of adware.””

Adware is a for-profit kind of spyware that significantly slows down computers and can cause them to crash. The survey found that 95 per cent of companies report that adware is frequently found within their organization.

According to Gartner Group more than 25 per cent of help-desk time is wasted due to spyware. “”The problem is out of hand,”” Marshall said. More than 90 per cent of those surveyed said they’ve seen an increase in the amount of spyware on their networks in the past three months.

When it comes to IT security here, Canadian businesses also placed spyware near the top of their lists of concerns. An IDC Canada survey of Canadian companies conducted last summer showed that IT managers are concerned about viruses, security incidents or breaches, firewall and hacking or threats.

While many of these respondents indicated that their No. 1 purchase in the next 12 months would be anti-virus software, Joe Greene, vice-president of IT security research at IDC Canada, said they’re also looking at upgrading their network products to improve their perimeter defence.

Guarding the perimeter

This is one of the easiest ways companies can guard themselves against spyware, said Brian O’Higgins, chief technology officer at Ottawa-based Third Brigade Ltd.

“”Doing something on the network or gateway could be quite effective very quickly,”” said O’Higgins. Anti-spyware software should also be deployed at the desktop level, he said. “”End users are always going to browse Web sites and catch stuff. You can’t drive everything on servers.””

While traditional big security spenders, such as financial services and government agencies, are on top of these kinds of security breaches, many small- and mid-sized companies are often caught off guard, said Greene.

“”Banks have a good handle on what’s going on here,”” said Greene. “”But many companies do not. The market right now for medium, small companies is reactive rather than proactive. They’re only going to do something if something really happens to them.””

O’Higgins said companies need to invest in a solution or face the consequences, which can often end up costing them more as a result of lost time and productivity.

“”The companies that generally spend more money on security are aware of the issues and they’re the first ones to roll out these tools,”” said O’Higgins. “”The people that don’t spend a lot of attention to security are the ones that get bitten. They got hit by worms and viruses and now they’ll get hit by spyware.””

Top spyware-related concerns include, lowered computer performance and loss of confidential personal or corporate information — something companies need to be wary of in the wake of regulations and compliance laws such as PIPEDA and Sarbanes-Oxley, O’Higgins said.

“”You worry about disclosure of sensitive corporate data and customer data. Your data generally lives on your servers. But if a user has got some spyware that’s logging his keystrokes it could do all kinds of bad things. For a lot of legal and regulatory reasons they (users) need to be concerned about it,”” he said.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs