Study: Few corporations use anti-spyware tools

[whatthe]

http://news.zdnet.com/2100-1009_22-5...=zdfd.newsfeed

I don't think this is much of a surprise to most here. Even though it was commissioned by and Anti-spyware software company I guessing the numbers are accurate.

The vast majority of executives and IT managers surveyed, 96 percent, feel that their existing antivirus and firewall software protect them from outside threats, according to the study.

I wonder what the % would be if they asked the people who have to clean the machines?

However, 82 percent of those surveyed said their desktops are currently infected with spyware.

As the article says, obviously most people still don't see it as a threat. But we know better don't we

[Spyder32]

Not many companies (atleast from my perspective) consider spyware to be a big enough, legit problem. Sure it's legit, but they don't classify it as something they need to be aware of and something that is harmful/dangerous.

[whatthe]

Eventually they'll do cost analysis and compare Anti-spyware costs and IT time spent specifically on Spyware and then it will probably change. There were weeks last spring where I spent about 1/2 my work day on cleaning Bargain Buddy, SAHA, CWS, NPO etc.

[fyrewall]

I know I don't feel comfortable unless my machines are as clean as possible. I wouldn't leave spyware just lying around.

[Spyder32]

I know I don't feel comfortable unless my machines are as clean as possible. I wouldn't leave spyware just lying around.

Same, and I value the "malware threat" just as credible, dangerous, and malicious as the virus, trojan, and worm threats.

[whatthe]

It's like coming home and finding your front door open. You may have left it open but you're not sure if anyone is there until you check the whole house

[MrLinus]

I wonder if there are a few of issues here:

1) How many administrators are under the impression that spyware can only be dealt with on a computer-by-computer basis? That is, they are unaware that there are products out there designed to deal with spyware before it hits the user.

2) And finally, how many administrators believe that spyware only tracks things like where you go rather than taking over a machine (ala trojan).

It wouldn't be surprising that few implement even simplistic fixes for IE on their users machines. The idea that it takes too long often seems to override the security need. And yet, time and again, it's been proven that implementing most security measures reduce administrative time.

Interesting none-the-less. We probably won't see major shifts in this until AV manufacturers include it as part of their products (I'm surprised they don't) and/or until there is a major public breach based on spyware.

[Spyder32]

Well, MsM, as many know I've switched from IE to Firefox for some time now. I'd also recommend it to virtually everyone who is still using IE unless they patch it correctly, etc. Now IMO it's the lack of knowledge and information (as MsM suggested) that get's administrator's in the end because they don't know to much about the whole spyware ordeal.

Just my two pesos...

[Tiger Shark]

I have to admit a certain amount of guilt here too....

Until the advent of the Bleeding Snort Malware rules, (here), I would deal with it when I found it but wasn't really too concerned with it from the POV that locking the systems too hard keeps my equally if not more busy dealing with the "I can't do [insert issue here]" problems. Since implementing the rules, (which are a very limited set of the whole but seem to catch the most common and intrusive), I have had a change of heart.

For the last couple of months I have been waging a war against this crap.... and theres plenty of it out there. My public access machines were obviously the worst.... These people have no responsibility to the integrity of the systems and know it. I had the personal email and stuff pretty well locked down but the SurfControl system I use just doesn't/can't keep up with the unadulterated crap out there that people want to/feel the need to visit and screw up the setup with, (I can't use DeepFreeze or any other "re-imaging" system because of some of the apps used on the machines).

Then there's my "underworked" company employees who manage to find this crap without coming high enough to show on the radar......

That's all changed....

The public access boxes have been locked down quite significantly, (I'd love to only allow certain web sites to be accessible but I have to allow a great amount of flexibility due to what the users are _supposed_ to be doing on them, (mostly jobsearch so, believe it or not I can't block casinos because we have them in town and the users may be *cough* "relocating"), but I can't without spending a lifetime working out which are actual casinos that employ people or simply online systems that the users have no qualifications for.... *sigh*). Unfortunately, it's not a silver bullet because the spyware seems to find a way to hijack the start page or whatever though it has cut down their ability to riddle the box with rubbish as I witnessed today as I watched some moron have his browser hijacked by seeq.com and then try to do anything sensible after that.... i fixed it for him and blocked seeq.com.

The underworked employees are getting a single chance. When their box shows as infected heavily, (indicating non-work related activity), I clean it and _ask_ them to clean up their internet use. If they come back up on the Snort box and prove to be heavily infected again their Internet access will be restricted and they can explain it to their supervisor if they can't do their job. If it happens again the internet access will be blocked outright.

The positive thing:-

So far I have cut the T1 use by some 20-25%.... This, of course, is a good thing....

[kurt_der_koenig]

Unfortunately, schools follow the same track. At my former high school, they didn't use anti-spyware programs until some of the students became apprentices under the admin. And now at my college they have a huge deal with it! Especially with the idiots looking at p0rn0, they just don't get a clue! Hopefully things change soon.