Definition

Anti-spyware is software that removes or blocks software  that is installed on a personal computer without the user’s knowledge.

Business applications

Anti-spyware software is an important element in a company’s  security strategy. Without it, businesses are susceptible to data and  productivity loss as a result of spyware-infected PCs. Businesses should  consider implementing anti-spyware on clients to block the installation of  spyware and have anti-spyware-removal tools for cleaning infected machines.  There are many well-known anti-spyware programs, and major antivirus vendors  have also added anti-spyware to their antivirus products.

Concerns

Not all anti-spyware products are created equal. Some give  more than they take away. Rogue anti-spyware programs warn users through Web  banners and pop-up ads that their machine has become infected and promise to  remove the spyware. However, downloading the rogue software does not remove any  spyware and may, in fact, add spyware to the machine. Experts recommend  prohibiting the use of freeware that claims to be anti-spyware unless its  legitimacy has been verified.

While legitimate anti-spyware software plays a significant  role in protecting systems, it is not the end-all. Best practices dictate that  companies discourage the use of Internet Explorer for surfing the Web, which is  at greater risk for spyware infections and ActiveX vulnerabilities than the  less popular Opera or Mozilla Firefox Web browsers. Companies may also block  access to Web sites associated with spyware by configuring their network  firewalls and Web proxies accordingly. The use of shareware, which is also often  associated with spyware, might also be prohibited.

Technical details

Anti-spyware software can be proactive or reactive in its  approach to battling spyware. It can provide real-time protection against  spyware by scanning incoming network data and blocking attempts to install  spyware. Or anti-spyware can periodically scan a machine to detect and remove  spyware that has already been installed.

Similar to antivirus, there are also two ways in which  anti-spyware can detect malicious software. It can take a rules-based approach,  or it can rely on signature or definition files based on current spyware  programs. Of course those signature files need to be continually updated. While  updates are not necessary for rules-based anti-spyware programs, the user must  ultimately determine whether a configuration change flagged by the anti-spyware  is appropriate.