Time to own the spyware problem

Last week Forrester Research released “Anti-Spyware Adoption in 2005,” a study by analyst David Friedlander with Natalie Lambert, that included some surprising stats. What struck me most was that 39 percent of respondents, dubbed “technology decision makers,” did not know the percentage of desktops infected with spyware in their organizations. Perhaps they didn’t know because 56 percent were unsure of what percentage of help desk calls were related to spyware issues.

IT departments cannot hide their heads in the sand. If you ease your conscience by telling end-users to install anti-spyware software, you are only fooling yourself.

The Forrester report says that, on average, 7 percent of all help desk calls are made in response to spyware infections; Dell’s own estimate is 20 percent.

As an exercise, take 7 percent of the number of support calls you received last month and multiply that by what you believe the average cost of a single call is. (Dell claims $35 per call, on average.)

I spoke with Forrester’s Friedlander on this issue, and he didn’t paint a happy picture. Spyware, he says, is getting more prevalent — and more malicious — on desktops.

“The big thing with spyware is it is financially motivated, which is not usually true of viruses,” Friedlander says.

Although key loggers are being used to steal personal passwords and credit card numbers today, who’s to say they won’t be used for full-fledged corporate espionage tomorrow?

Andy Ostrom, director of marketing at InterMute, makers of SpySubstract Enterprise, also notes that browser-hijacking software is getting tougher to remove. If you don’t get every last bit of code, it comes back.

Scarier still, according to Ostrom, InterMute has seen phishing attacks move from e-mail into spyware. A spyware application might pop up a dialog that warns you of a problem with your account only to redirect you to a look-alike site.

Steve Workman, director of product management at LANDesk Software, says that fobbing off the problem to the end-user is extremely shortsighted. Relying on end-users to decide what is and isn’t spyware doesn’t really protect the organization. And, as any IT manager knows, just having end-users install an application can turn into a disaster. Imagine 10,000 users clogging up the network by installing individual anti-spyware applications and downloading spyware definitions.

LANDesk Security Suite centralizes spyware definitions and updates in one spot. LANDesk’s subscription service keeps an up-to-date content list of new spyware definitions as they become known and sends customers updates.

LANDesk, as it turns out, is mostly owned by Intel. Workman tells me his company is participating with the giant chipmaker in its Active Management Technology initiative, which will provide management capabilities at the chip level, allowing IT to manage a device before the OS loads. For example, if policy dictates that a machine needs to be at a certain patch level, Active Management will keep spyware under control even before the machine is logged on to the network.

Nevertheless, you can’t let Intel or end-users fight your battles for you. It’s up to IT to take charge of the spyware problem now before it morphs from an annoying end-user problem into a full-blown corporate crisis.