Combating Spyware in the Enterprise

When spyware first began appearing in corporate networks, it was generally seen as a nuisance and not as a threat to the entire enterprise. Typically, it was isolated to a handful of employees who may have been surfing to a not-sonice place on the Web. In more recent years, spyware has taken on a much more prominent role in enterprise network security. Today, spyware presents a very real risk including malicious Trojan encapsulation and unauthorized access to sensitive information, and can open your network to would-be intruders via the use of backdoors. In this chapter, we will discuss some of the more common threats that spyware presents to the enterprise.
Spyware is an emerging threat in the corporate enterprise as well as in the typical home-user environment. In prior years, this threat was seen as a nuisance and as just another issue to deal with, similar to spam. In recent years, however, just as the criticality of spam filtering has increased due to the use of embedded images, phishing, and embedded viral code, the criticality of properly controlling spyware has also increased.
The use of spyware has been increasing dramatically, and as its use increases, the capabilities of the technologies used in the spyware increase as well. Spyware has progressed a long way from just capturing what URLs a user has browsed to through the use of cookies or transferring information between Web sites. The introduction of keystroke loggers, more advanced methods of spyware distribution, and increased capability for...