Home > Security

Computerworld - Like most oblivious users, I've never given much thought to spyware. I've always shrugged it off as just another slimy advertising gimmick in an online world chock-full of them. But as any security expert will tell you, anybody who surfs the Net has spyware on his machine.
Whatever you call it -- adware, sneakware or snoopware -- spyware is a catch-all term for any hidden software program that surreptitiously monitors your Web activities or gathers data without your knowledge. At its most harmless, spyware tracks your Web shopping pathways and gives marketers new numbers to crunch. At its most toxic, it may be monitoring your keystrokes, installing programs, scanning files or even turning on a webcam to secretly film you.
Yet, until recently, spyware has been seen as mainly a consumer, home-user concern -- a perpetual hot button among privacy advocates, but hardly a significant corporate IT security risk. That view is changing, however, and once you read Robert L. Mitchell's "Spyware Sneaks Into the Office" , you'll see why. The story makes a strong case for paying attention to this menacing but silent invader of corporate networks.
What kind of menace are we talking about? For starters, spyware is doing the following:

• Interfering with regulatory compliance efforts. Companies must comply with a complex legal web of privacy regulations and data protection mandates today. When spyware is loose in your environment, you can no longer guarantee that corporate information is secure. Unauthorized, untested software on corporate laptops basically blows a hole in your carefully crafted security policies.


• Generating even more spam. When spyware finds e-mail addresses, it obligingly sends them back out over the Internet to be traded, shared or sold to spammers. Users clueless enough to click on product ads within the spam may be downloading additional spyware.


• Devouring network resources. One LAN administrator quoted in our story discovered multiple spyware programs running on 200 desktop PCs when he investigated complaints about lousy network performance and proliferating pop-up ads. When his ever-helpful users tried to block the pop-ups by downloading freeware to do the job, even more spyware rode in with the free software.

Ah, freeware. Or not-so-free ware, as it turns out. Bundling in adware programs is all part and parcel of the way distributors make money on freeware . Exhibit A is the wildly popular Kazaa Media Desktop, a kitchen-sink collection of peer-to-peer file sharing services that also delivers multiple adware programs (and much worse). If downloading freeware isn't already outlawed in your company, it should be.
Which brings us