by C. David Moll

The desktop is the best place to stop spyware

Opinion
Jun 20, 20053 mins

Today, companies face a major challenge in deciphering which of the latest anti-spyware solutions truly offers protection. Some organizations are fortunate to have budgets and bandwidth to deploy multiple solutions – typically, a desktop and a gateway product. But for many, it’s decision time: fight the spyware battle on the desktop or at the gateway.

If a company determines that a blended desktop-gateway solution is not in the budgetary cards, the next logical choice is desktop. With the nature of business in today’s world of mobile workers and geographically distributed networks, focusing the battle at the desktop must be the essential component of any anti-spyware strategy.

The genesis of this new and growing spyware threat is fairly simple to grasp. According to Gartner and the IDG News Service, mobile PC shipments are growing at triple the rate of traditional desktop PCs. Last year, in an effort to prevent spyware, viruses and other malware from getting on its network, Bank of America required that all workers accessing its network remotely use company-issued laptops. The problem is that many corporate laptops eventually will leave the safe confines of the network, and then a lethal combination of security risks arise: 1) all gateway security protections are nullified, exposing the system to malware, and 2) workers begin to consider the system their personal Web-surfing machine and use it to check the stock ticker, scan the news, check box scores, download music or get movie times. Even just one weekend of honest, leisurely surfing on the Internet (especially if kids enter the equation) can open the door to a lot of problems if the system is unprotected.


The other side: Gateways are the best place to stop spyware

Your thoughs on spyware protection

Join our forum


So what if that laptop winds up with a nasty piece of malware? Once it is brought back into the network, there’s really not much a gateway product can do. A desktop anti-spyware solution, on the other hand, not only can detect and remove current spyware from individual computers, but also provide real-time mobile protection to prevent these infection scenarios from ever playing out. The gateway approach offers only a perimeter layer of defense and leaves the network to suffer from the inside out. In addition, desktop protection has a much lower rate of false positives compared to the gateway because it uses signature-based protection, instead of relying on heuristics.

For companies investigating spyware protection options, it seems logical to first consider the corporate workstyle and its growing corporate dependence on remote workers using mobile computing, not to mention the obvious performance gains offered by the desktop approach. Organizations should also take into account current Webroot research that shows 87% of companies audited in the first quarter of this year have reported spyware infections. Once the entire picture is brought into view, it’s clear that a centrally managed, best-of-breed client/server solution on the desktop must be the cornerstone of any enterprise anti-spyware strategy.

Moll is CEO of Webroot. He can be reached at dmoll@webroot.com.