Search for:

Articles 

Contact us 

Media 

News 

Events 

Links 

Free Downloads 

 

Special Report > Archives > Back Home

  

 
The Hidden Costs of Spyware
By Kevin Haley

Most IT managers don’t need the statistics to convince them that spyware is becoming a problem in their organizations. Spyware, and its less harmful cousin adware, are bogging down enterprise networks around the world, while stealing personal information, enabling identity theft and tracking online information.

However, despite the obvious risks associated with spyware, organizations have not been able to measure the financial impact on their organization. A recent report by Forrester found that 56 percent of customers cannot estimate the disruptive impact of spyware on help desk calls, while 30 percent of respondents did not know what percentage of systems were infected with spyware.

Adware, while not as harmful as spyware, can prove to be just as costly as spyware. The pop-up ads that often accompany spyware can hog network bandwidth, bog down user’s systems, and ultimately impact productivity.

While spyware’s obvious threat lies in its ability to steal sensitive personal or business-related data, the following hidden costs can be nearly as harmful to an organization:

Help desk calls
The number and percentage of help desk calls related to spyware has gone through the roof in recent years. META Group has estimated that cleaning infected clients can represent 20 percent or more of help desk efforts, while other analyst firms have estimated as many as 33 percent of help desk calls are spyware-related.

Network traffic impact
One of the more troubling aspects of spyware for IT administrators has to do with its unexpected impact on network performance. System crashes, bogged-down Internet connections, and unusual Web browser behavior all fall into the category of performance impact. Programs that score higher in this category can produce wasted hours of troubleshooting and disruptions. A sample of application behavior considered for performance impact includes the following:
  1. Does the program slow down the system or network connection?
  2. Does the program impact system stability?
  3. Does the program launch pop-up advertisements? If yes, how frequently?
  4. Does the program serve as a means of downloading and installing other security risks (e.g., additional spyware and/or adware)?
  5. Does the program replace the browser home page or alter search options/behavior?

Additionally, adware is often more predominant in an organization than spyware. . Similar to spyware, some forms of adware will install itself without any human interaction. Adware can risk the disclosure of confidential data by unknowingly redirecting individuals to “look-alike’ Web sites. While it is less harmful, it is constantly eating up network traffic in order to pull down graphical ads. IT managers should consider adware as a potential source of network impact.

Employee productivity
Employee productivity is difficult to measure in terms of financial impact, but employees who are constantly fighting spyware and adware on their systems are inherently less productive. Also, if spyware is not identified as the problem, PCs are often replaced without getting to the root of the problem.

A 2005 Forrester Research survey of IT decision-makers found that 40 percent of respondents didn’t know how many systems in their organization were infected with spyware. Those who could measure the number of systems infected with spyware found that about 20 percent of systems were infected, and the number is growing rapidly.

Fighting Back
While it’s difficult, or perhaps impossible, to completely eliminate spyware from the enterprise, IT can take steps to drastically reduce its financial impact on the organization. Obvious steps include installing an antivirus solution enterprise-wide. To strengthen their defenses, businesses should also consider implementing additional security precautions like securing encrypted Internet connections, implementing more restrictive Web browser settings, and disabling the acceptance of third party cookies. In order to deal with Spyware’s hidden costs, enterprise IT managers should consider taking the following steps to mitigate risks.

Conduct a thorough examination of help desk calls to determine how many of those could be categorized as spyware in order to determine the scope of the problem within the organization. Search for key phrases such as poor system, email or application performance as well, to capture all possible incidents of spyware or adware infections. IDC estimates that 67 percent of all computers have some form of spyware.

Examine bandwidth usage to identify changes in bandwidth to determine if adware is impacting the network. Examine where connections are directed in order to block specific URLs.

Conduct full system scans before immediately replacing employee PCs that might be bogged down with spyware. Often systems can be salvaged by utilizing a good antispyware solution. Also, educate employees on the effects of spyware which can be associated with downloading applications that are not approved by IT.

Educate users on the difference between spyware and adware. Spyware has been used to conduct malicious attacks and further identity theft, while adware is often used to gather data for marketing purposes and has a valid, generally benign purpose. It is important to understand that adware is generally not as malicious as spyware, but it is much more prevalent in the enterprise and its hidden costs tend to be just as high. Users may not take issue with the pop-up ads that accompany software they have downloaded on their machines, but pop-up ads can impact a user in many ways, including productivity and network bandwidth. Employees should be aware of the risks both pose to the enterprise and should aware of steps they should take if they suspect their systems are infected with spyware and/or adware.

Create and follow corporate-wide policies for software download and installation. Both spyware and adware can be automatically installed onto users’ systems along with file-sharing programs, free downloads, and freeware and shareware versions of software, or by clicking on links or attachments in e-mail messages, or via instant messaging clients.

Educate users regarding end user license agreements (EULAs). Some threats can be installed after, or as a by-product of accepting the EULA. Read them carefully to examine what it means in terms of privacy before deploying software on your corporate network and urge users to do the same. The agreement should clearly explain what the product is doing and provide an uninstaller.

Educate users to watch for programs that flash ads in the user interface. Many spyware programs track how users respond to these ads, and their presence is a red flag. When you see ads in a program’s user interface, you may be looking at a piece of spyware.

As dependence on technology continues to grow, enterprises are confronted with the mounting challenges posted by spyware and adware—including decreased productivity, increased calls to the help desk, and network impact—and need a solid plan to regain control of their environment and systems. Failing to do so could result in the most costly and difficult figure to account for - the financial consequence to a company’s brand integrity and trust in the marketplace should an information system breach occur. There have been several high profile examples this year that can serve as case study examples of the reputation damage that occurs when a data security leak becomes public. A thorough plan including product, policies, education, and planning is needed to address the entire financial impact of spyware.

About the Author:
Kevin Haley is the director of product management at Symantec Corporation.

<< Previous Page

© IMPIRE Communications, LLC All Rights Reserved.  Website designed & managed by Oculus Networks