It started out as a trickle. Our help desk was getting calls about slow PCs, Web browsers that werent functioning correctly and home pages that had magically changed to some site called “aboutblank.” Soon, the drip turned into a stream of phone calls with the appearance of additional tool bars, rogue registry entries and Web browsers that were popping up stuff all over the screen. Then, here in Florida, hurricanes Charley, Frances, Ivan and Jeanne seemed to coincide with the flood of adware and spyware that inundated our network and swamped our clients.
Seemingly overnight, these software parasites have become a big problem that our $200,000 worth of firewall, anti-virus, Web content and anti-spam tools cant touch. Out of 400 users, we are rebuilding on average two machines per week due to unremovable spyware that rendered the computers inoperable. Updated service packs help, but only marginally. Im getting tired of playing defense. Every time Ive reduced my spam to only 10 percent, gone an entire year without contracting a crippling virus and kept under the radar screen from denial-of-service attacks, wham! Theres yet another application, another server, another layer of protection, another expense we have to eat in order to keep other people from forcing stuff on us that we dont want.
I have two options: kill our Internet use entirely or seek out more tools to keep the crap out, which is a bone of contention in itself. Why isnt my enterprise anti-virus software stopping the onslaught of spyware? I consider it splitting hairs to differentiate between viruses and spyware. Its like going to the doctor and being told he or she cant treat you because your insurance covers only viral infections, and your infection just happens to be bacterial. Its ludicrous.
Just so were all on the same page: Spyware is a virus. There. I said it. Spyware loads without the users permission, it runs invasive processes and it will eventually burn down your machine. Look around, and you will find anti-virus software vendors beginning to address the spyware problem by adding modules to their products, which, of course, cost extra since they dont consider spyware a virus. The anti-virus vendors dictionaries are woefully inadequate, stopping less than 50 percent of the parasites. To really put a dent in the current spyware/virus problem, it would require loading three or more separate spyware clients, where each products dictionary identifies spyware that the others had missed.
So its off to the Internet to seek the best enterprise adware/spyware blocker money can buy. It would be nice to find an application that offered a site manager that would allow us to push it out to the clients and monitor and update them at the enterprise level. Oh, well. Wheres my wallet?
Brett Arquette is chief technology officer for the Ninth Judicial Circuit Court in Orlando, Fla., and editor in chief of the Court Technology Forum (www.courtechforum.com). His e-mail address is [email protected]. Free Spectrum is a forum for the IT community and welcomes contributions. Send submissions to [email protected].
Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page