·Anti Spy-ware Best Practices
Make a spyware protection company policy. To protect your business’s best interests, anti-spyware protection should be required software on every computer.
Use more than one anti-spyware application
Regardless of what anti-spyware vendors claim, you almost always need more than one program to protect against a lot of adware and spyware. Experts say the best protection you can get is only probably around 70% using a combination of the two leading anti-spyware programs.
Use a centrally managed anti-spyware solution
Centrally managed software usually works best for companies with more than just a handful of computers. Spyware protection is no different. There are several vendors, such as Webroot and CA, which offer such software. If you have roughly 10 or more Microsoft (MSFT) Windows-based computers and want to save time, effort, and money in the long term, you should definitely consider this route.
Use a layered defense
The best defense against any information threat is a layered defense. You have a greater chance of defending against spyware if you use anti-spyware software combined with anti-virus software, personal firewalls, and host anomaly detection/intrusion prevention software. You can even help prevent infections at the network perimeter by utilizing spam and content filtering for inbound emails.
Lockdown your systems
A spyware defense that deserves separate mention is to configure Windows and Internet Explorer to be more secure. There are simple things you can do that will make a world of difference. For starters, make sure your systems are configured to be “hardened” from the elements. Roberta Bragg has written extensively on this topic at SearchWindowsSecurity.com. These hardening tricks are very easy to implement, and you can even push a lot of them out via Active Directory Group Policies.
Also, configure Internet Explorer (or whichever browser you use) to have pop-up blocker protection. This feature is built into most new browsers, and there are several well-known third-party applications for this. A good one for Internet Explorer is the free Google toolbar. It not only blocks most pop-up ads that harbor spyware, it also serves as a quick and convenient way to perform Google queries while browsing the Internet.
Use a more secure browser
Internet Explorer is a huge target for pop-ups, phishing, executable code, and other hacker vectors. If possible, use a more secure Web browser such as Firefox or Opera. These browsers likely have 99% or more of the functionality your users need with less hassle.
Install anti-spyware protection before new computers are deployed
Rather than installing spyware protection and cleaning utilities after you suspect infections, put it on systems before they’re deployed into the wild. For existing systems, simply install your favorite anti-spyware application such as Spybot Search and Destroy, Ad-Aware, or PestPatrol (or a combination of two or more). Let the software clean your systems and simply keep it running full-time in the background to act as a preventative layer to keep your systems protected.
Protect every Windows-based system on your network
Anti-spyware software is no longer just for workstations – it needs to be on servers, laptops, and any system running Windows – regardless of whether or not they are networked. Windows is the OS of choice for most spyware infections (at least for now) so make sure every single Windows-based system has protection.
Remote users might not be receiving updates
If you have remote users, remember that their systems may not be receiving the proper anti-spyware and other software updates.
Educate your users
User gullibility, ignorance, and carelessness are the main causes for infection. People clicking “yes” or “OK” in pop-up windows allowing software to be installed opens up the floodgates. Downloading and running seemingly innocuous programs doesn’t help the cause either. Educate your users on what to do and what not to do. Give them examples of what can happen when spyware infects a computer and how that relates to their everyday job functions. It’s amazing how much buy-in you can get using this technique.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.