Enterprises use freeware to beat cyber-spies

Freeware application SpyBot Search & Destroy is the most popular anti-spyware tool used by Australian enterprises, according to a report on the domestic security market by analyst firm Frost & Sullivan.Commenting on the Australian Information Security Satisfaction Monitor (AISSM) study, its author, Frost & Sullivan security analyst James Turner, said although the result was unusual, he was not surprised that a freeware application could take first spot in such an important area of security.

Freeware application SpyBot Search & Destroy is the most popular anti-spyware tool used by Australian enterprises, according to a report on the domestic security market by analyst firm Frost & Sullivan.

Commenting on the Australian Information Security Satisfaction Monitor (AISSM) study, its author, Frost & Sullivan security analyst James Turner, said although the result was unusual, he was not surprised that a freeware application could take first spot in such an important area of security.

"This is so unusual because it is such an important area and yet it is so totally dominated with tools that nobody had paid for," said Turner. "The perceived wisdom is that people want to pay for their products because then they have got a throat to choke, and in some areas that is absolutely the case, but in an area like spyware it is a case of 'but they are such good products'."

In second place came Ad-Aware, an anti-spyware application that is available as both a free version for personal use as well as an enterprise version, which costs around US$28 per user per year.

Turner admitted that the survey did not ask which version of Ad-Aware was being used by enterprises but said he was surprised that Symantec's anti-spyware products could still compete sufficiently -- even though the basic Hosted Mail Security product costs around US$42 per user -- to be placed third.

"Symantec was the top vendor and the fact they were [after SpyBot] it impresses me that a vendor that charges can do so well. Symantec is doing incredibly well," said Turner.

Enterprises under attack
The AISSM report also revealed that Australian enterprises are under attack from both internal and external threats.

According to the report, 57 percent of respondents said they found spyware installed on multiple computers; 22 percent revealed that they have discovered at least one illegitimately installed keylogger on their system, which Turner describes as 'mindblowing'.

"The Sumitomo bank thing at the end of last year is an example of what could potentially go wrong. 220 million pounds nearly got transferred out through completely legitimate channels just because the hackers managed to get the relevant passwords," said Turner.

Turner was surprised that 37 percent of companies do not regularly monitor their security logs -- especially when 36 percent of respondents said they suspect a hacker had broken into their network and 22 percent said they had proof of a successful hack.

When 44 percent of organisations also say that they have lost key employees to a direct competitor, Turner said there is a huge potential reservoir of ill-will.

"Do you know what they have taken with them? Were you able to go back and look at your audit files and say with certainty what files they were accessing in the month or so before they left? Have they taken all your client records or pricing or sales figures," asked Turner.

The AISSM report was compiled with responses from 269 "decision makers", which means those at the CxO level or IT administrators. The survey predominantly covered organisations with at least 100 employees and a broad range of industries -- including government agencies.