Trend Micro released a new study this week showing that while awareness of spyware issues is increasing, a great deal more education is needed to control the problem.
The study showed that even though 87 percent of corporate end users at least know what spyware is, about 53 percent of the survey’s respondents say they’d like more education from IT staffs or resellers who can help them understand the threat better and how to combat it most effectively.
The study surveyed 1,200 end users from organizations in the United States, Germany and Japan, ranging from corporate to small-to-midsize-business (SMB) organizations. As this and other recent studies have shown, the number of spyware incidents is growing, especially in the SMB space, resulting in lower computer performance, loss of productivity, loss of connection bandwidth, malicious downloads and violations of privacy.
About 40 percent of the study’s respondents in the United States reported encountering spyware incidents, while 14 percent of the Japanese and 23 percent of the German respondents said they had run across sypware on their PCs. And in all three countries, reports of spyware incidents was greater in SMB organizations than in larger enterprises.
Among businesses that have internal IT organizations, nearly 40 percent of U.S. respondents said their IT departments “could do more” to protect them against spyware. The Japanese respondents voiced similar concerns. But among those who said they had encountered spyware at work, only 45 percent -- a mere 7 percent in Japan and Germany -- believed they had actually fallen victim to any kind of a scam, which, the study’s authors say, “reveals a striking distinction between end-user awareness of the spyware threat and whether corporate end users are knowledgeable enough to identify spyware infiltration, which quite often occurs without end users knowing it.”
Security resellers say this disconnect between awareness of the problem and taking action to prevent spyware attacks is precisely where end users need to improve their policies.
“There was a huge outcry over spyware at this time last year, and a lot of vendors have come a long way with antispyware solutions since then,” says Tom MacArthur, a principal at Storbase, a security solutions consultant and Symantec reseller in Waltham, Mass. “More products are available, but in a lot of cases, people are still not using them. We still see people relying on antivirus or firewall tools to solve the spyware problem.”
More than half the survey’s respondents say they expect their IT departments to provide further education along with better protection, but even with this apparent awareness, many respondents admit that they are more likely to engage in risky online behavior if they can rely on an IT department for support.
“They see it as a nuisance but don’t understand that the greater risk of spyware is that the programs are there to steal information,” MacArthur says.
Trend Micro officials advise companies to deploy multilayered security strategies, with antivirus and content security that protects the corporate computing environment from spyware and other “blended” threats. The layered defense approach can help thwart threats from inside or outside network borders.