Spyware's adversary is software, policy, and action

Annihilating spyware is a must for businesses trying to stay competitive. To proactively address the continual onslaught of spyware, clamp down on open access to the Net, educate network administrators, set and enforce Internet use policies for staff, and continually update anti-spyware software.

Whether you choose Spybot-S&D, SpySweeper, or any of a myriad of products to detect spyware on the computers at your small business, one product alone won't do the job. You'll need a comprehensive approach to rutting out spyware, according to Robert Siciliano, author of "The SafetyMinute :01"

A true anti-spyware plan of attack must include the following:

  • Installation of more than one type of anti-spyware software
  • Regular updates to spyware definitions
  • Regular scans of desktops
  • A security policy
  • Training for staff and administrators on the damage spyware does to a business

Siciliano's Boston-based company, ID Theft Security, has been fighting the battle against spyware since 2003, says Siciliano. So far they're winning. But it's been an expensive battle as Siciliano estimates that spyware has cost his small business of only 18 work stations well over $20,000 in lost productivity.

Spyware infiltrates

Although spyware began attacking his enterprise in 2003, the blow to productivity really began in 2000 with pop-up advertising. The ads were such an annoyance to his sales staff that Siciliano purchased LavaSoft Ad-Ware, a product designed to swat pop-ups.

But then came 2003 and spyware. Business was grinding to a halt, as CPU capacity maxed out when spyware began taking over.

"My employees were wasting a good hour to two hours a day just sitting there with the PC bogged down because the bandwidth was so slow," says Siciliano.

"In addition to the loss of bandwidth, we started to see different things happening to different hubs and servers. We traced it back to what we considered to be spyware," says Siciliano.

Because ID Theft Security's staff was a group of heavy Internet users, the problem compounded rapidly. "More than likely we were just getting [spyware] from surfing the Net. Some of the employees were downloading stupid stuff, like tool bars that would tell you what the temperature was outside. They were downloading screensavers, peer-to-peer programs, ridiculous programs that would be billed as something that would clean out your registry, but in fact weren't."

Siciliano declares war

Siciliano turned to his IT director and a young IT prodigy to address the issue. In early 2003, before they knew of anti-spyware, the team worked on the problem manually—a painstaking process of looking into the C: drives of every computer to identify and delete programs that shouldn't be there.

"We found malicious programs on our C: drives that were hidden under a variety of different names that looked like they might have been simple programs, but were in effect spyware programs," says Siciliano.  In some machines, it took repeated efforts to rid the machines of spyware, involving a delete, reboot, and delete again process. Still spyware kept on coming back. So Siciliano escalated the anti-spyware campaign.

Siciliano describes his initial approach as very reactive. "It was really a work in progress," he says. "We kept being bombarded by different programs. As proactive as we wanted to be, we were always reactive because new things would pop up."

Among Siciliano's next steps were to clamp down on the Net activities of his workforce. He added a self-written security policy and told the staff they were not to download anything from the Internet. Periodically, he would update the policy and reinforce the changes with more training.

He also added desktop monitoring software to the frontline computers for new hires. The computer monitoring takes snapshots and records keystrokes throughout the day. A wrong move during their first few months, and the new employees didn't stick around for long.

"I didn't want to have that Big Brother-Type atmosphere in my company," says Siciliano. "I explained to them, you're eating up my bandwidth, you're wasting my valuable time. It seemed to work."

In the latter part of 2003 and early 2004, Siciliano installed Spybot-S&D and Norton Security on all the workstations, which took care of most of the remaining issues.

"The programs are low cost and they do the job," says Siciliano. "I run them both and have them scheduled to run late at night, 2 to 3 in the morning. My Norton's Security picks up stuff that the Spybot and Lavasoft does not."

Today, due to regular efforts of his two-person system administrator team, who spend a combined eight hours a week administering the network, ID Theft Security's workstations are free of Spyware. "I do not have pop ups, I do not have spyware, and my bandwidth is, well, I'm flying," he says.

Every small business should have solved their spyware problem by now, says Siciliano. To continue to battle with spyware is to continue to waste valuable staff time and computing power.

"This is 2005, how can you allow that to happen," says Siciliano. "It's a constant battle. If you're not paying attention, then you're going to get bit."

Editor's Picks

Free Newsletters, In your Inbox