Desktop anti-spyware software isn't doing the job, IT professionals have concluded.
According to an international survey by proxy appliance company Blue Coat Systems, 72 percent said desktop anti-spyware programs were ineffective in protecting their networks.
Blue Coat surveyed 339 IT staffers who used programs from Computer Associates International (PestPatrol), Kaspersky Lab, Lavasoft (Ad-Aware), McAfee, Microsoft, Spybot, Symantec or Webroot Software.
Eighty-four percent of respondents, from large, medium-sized, and small organisations, reported their spyware problems were the same as or worse than three months ago, Blue Coat said.
This conflicted with findings for home broadband users in the US, whom the National Cyber Security Alliance, an industry body, said saw a reduction in infection from 91 percent in February 2004 to 80 percent in October.
Steve Mullaney, vice president of marketing for Blue Coat, said, "While desktop software is the only answer for consumers, enterprises are likely to see their costs spiral unless they implement a 'defence-in-depth' strategy that includes a gateway anti-spyware solution."
Paul Wood, chief information analyst at email security company Message Labs, said that because spyware was a grey area – encompassing legitimate employer control programs and approved data harvesting as well as Trojan-type material and other malware – it needed expert management.
Wood said IT managers had enough on their plates dealing with frequent Windows security upgrades to thousands of computers, for example, without having to be experts on the latest criminal IT threat from anywhere in the world, hour by hour, day by day.
"We believe desktop software is certainly not as effective as you would expect in this area," he said. "It's a grey area, as well as spam and software for conducting phishing scams, you also get spyware as a legitimate part of applications - for example, music file sharing. It's free but in return the end user license agreement may allow them to use information about your internet activities for marketing."
Another major problem for IT managers relying on a desktop software approach, Wood said, was a lack of speed in response to new threats.
No matter how good the software, there was always an average 10-hour gap between a new threat breaking out and a sample being taken by the software companies through which their products could identify and block the new problem, he said.
"There is a window of vulnerability; it can spread quite considerably. The bad guys are sending out much more quickly and get a certain number out. Safety depends on your specific anti-spyware software identifying something as spyware.
Managed services, like that from Message Labs, route customers' email through central servers. The company has a global operation, which Wood said allowed it to respond to new threats faster.
"Normally, if something happens on the other side of the world, you're not going to know about it until it affects you."