Problem solve Get help with specific problems with your technologies, process and projects.

Defining spyware

Spyware is an umbrella term that encompasses a variety of software, some of which your customers may not consider malicious. SearchSecurityChannel expert Russell Dean Vines provides advice on approaching spyware protection for your customer.

The definition of spyware is malleable. How do I determine what qualifies as spyware for my customer?

The spyware label is dropped on almost any piece of code, from annoying adware to keyloggers performing identity theft. While it's true that the definition of spyware is sometimes variable, there are a few fundamental behaviors that can make a piece of software a candidate for the spyware designation. Basically, spyware is any software that gathers information about your customer without their knowledge or permission.

While others may make a distinction between merely irritating software that aggregates surfing behavior for focused pop-ups, versus spyware that executes real monetary fraud, I recommend a zero-tolerance stance. No organization should allow any code to operate that hasn't been vetted by systems or applications development. A blanket policy for your customer should be the elimination of any and all code that executes in a manner outside of the intent and policy of the organization.

While surfing at home, your customer and its users may not have a problem with adware, but at the office, there are desktop resource issues to be raised, in addition to the legal issues.

Dig Deeper on Cybersecurity risk assessment and management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.