6. True, no-one actually wants spyware, but it comes as part of that cool application that users do want. So spyware gets installed anyway.

Spy trap

So what can companies do to minimize internal threats?

First, make a Web filter a required part of the network security arsenal. This should prohibit users from visiting known spyware and ‘drive-by download’ sites.


Second, deploy an effective email filter that blocks spyware from entering the network via active HTML, attachments, phishing and spam. There also needs to be protection at the desktop to stop spyware as it’s introduced.

Finally, implement a solution that disallows running or installing programs that in turn install spyware.

Put simply, to keep the burglar out of the basement, organisations need to remove the ability of employees to let the burglars in, in the first place. They need to implement tamper-proof solutions that users cannot easily evade – no matter what the external inducements.