Forty percent of IT managers report the number of spyware-infected workstations has increased in past year, according to Websense survey.
Websense, Inc. (NASDAQ: WBSN), the worldís leading provider of employee Internet management (EIM) software, today announced that 92 percent of IT managers believe their organisations have been infected with spyware, a rogue technology that can secretly collect Web surfing patterns, keystrokes and password information to send back to a host Web site, with or without the userís knowledge. IT managers also reported that an average of 29 percent of their corporate PCs have been infected with spyware. However, only six percent of employees said they have ever visited any Web sites at work that contain spyware.
According to Websenseís fifth annual Web@Work survey conducted by Harris Interactive, there is a major discrepancy between employeesí knowledge and understanding of spyware versus IT managementsí findings on the number of corporate workstations that are actually infected. For example, one-third of employees either do not believe, or are unsure, that their computers could be infected with spyware. However, IT management reported that spyware was on the rise-of those that acknowledged they had a spyware infection, forty percent believe that the number of spyware-infected workstations at their organisation has increased.
One of the most common ways for an employee to download spyware is by using a peer-to-peer (P2P) file sharing application such as KaZaa or Morpheus. Many P2P users do not realise that by downloading a seemingly harmless mp3 file, it may be accompanied by a spyware application. By connecting users directly to each other to download or swap files, P2P networks bypass normal security barriers and can be easily exploited by hackers to spread spyware.
Employees are typically exposed to spyware as a parasitic program that is attached to something useful theyíve intentionally downloaded from the Internet, or been tricked into downloading, or it is surreptitiously loaded by a malicious hacker, said Peter Firstbrook, program manger at META Group. Most employees donít even know they are infected; however, spyware can be merely a nuisance, clogging the network with advertising traffic or pestering the user with pop up ads; or it can be an invasion of privacy and collect what sites theyíve been browsing on; or less often, a security threat that records keystrokes or screenshots that reveal confidential corporate information and potentially create backdoors by revealing passwords and user names.
To help organisations protect corporate computing resources from spyware and prevent confidential information and company trade secrets from leaving the network, Websense Enterprise offers a three-tiered defense against spyware-Websense Enterprise blocks employee access to Web sites containing spyware, stops spyware applications from launching at the desktop, and prevents spyware from communicating confidential information back to third-parties.
One of the largest challenges associated with spyware for organisations is actually identifying the type and potential impact of the spyware, said Geoff Haggart, vice president Europe, Websense, Inc. Websense software allows companies to view any spyware activity and spyware application launches at the enterprise level, so IT managers can gauge their spyware exposure globally and respond quickly.
At the desktop, the Websense Enterprise Client Policy Managerô (CPM) module finds and mitigates the launching of spyware applications on employee machines, whether online or offline via a remote laptop, enabling organisations to effectively manage employee computer use while mitigating security risks and improving IT resource management. In addition, CPM is easily installed and managed on all network desktops and laptops with a single mouse click directly from the Websense central management console, unlike other security solutions, in which IT managers must manually configure the application on each individual computer, or rely on their end users to do so.
At the Internet gateway, Websense Enterprise Security PGô database stops spyware applications in their tracks by blocking the back-channel communication to third parties. Through proprietary processes and the companyís patent-pending WebCatcherô technology, by which uncategorised Web sites accessed by employees are anonymously sent back to Websense for categorisation and added to its URL database, Websense software is able to identify spyware servers and prevent employee computers from transparently sending company or personal data back to unknown third parties.
In addition to helping prevent the unauthorised dissemination of valuable corporate data, Websense Enterprise reporting capabilities allow organisations to identify the presence of spyware applications and other malicious activities on the network in real-time.
For a free 30-day evaluation of Websense Enterprise or more information on protecting your organisation from a wide range of threats including spyware, virus outbreaks, instant messaging and employee hacking, visit www.websense.com
92 percent of organisations with at least 100 employees have been contaminated With Spyware
Yet only six percent of employees believe they have been infected.