Practice Tip: <B>Protecting Against Digital Spies</b>

Information technology has slowly changed the practice of law. It started with word processing, which provided lawyers a much more efficient tool for producing a written product. Then came computer networking, document scanners, the Internet and e-mail. Each new development offered law firms the ability to provide their services at a lower cost and with fewer resource requirements.

Yet, even as the legal industry leverages IT to deliver enhanced services and improve overall business operations, Internet threats are increasing. According to the latest Symantec Internet Security Threat Report, one of the most significant threats today is malicious code that exposes confidential data such as passwords, decryption keys, keystrokes and more.

Moreover, this malicious code is entering businesses from a widening array of sources. One of the most common delivery vehicles is spyware. According to security experts, millions of PCs in homes and businesses across the world are already infested with spyware. Yet, for all its ubiquity, it remains a relatively misunderstood threat.

What is Spyware?

Spyware is software that secretly gathers information about a person, system or organization and relays that information to a third party over the Internet. Some spyware simply tracks the kinds of online advertisements a user chooses to follow, then replaces random ads with more relevant material.

However, other spyware programs have much more malicious intentions. These programs monitor keystrokes, scan files and snoop other applications such as e-mail and continuously send their findings back to the program's author or some other unknown user. This information, in turn, is either used by the recipient or sold to yet another unknown party.

Regardless of its intentions, spyware never announces itself. Furthermore, once installed, spyware is often difficult to remove as it entwines with critical system files.

Spyware's pervasiveness is due in large part to its covert nature. In most cases, users are unaware that their system is housing such code. What's more, those who are aware may not know how spyware got on their systems.

In actuality, users typically download spyware ' unknowingly ' when they install another program, particularly freeware or shareware. Freeware and shareware end-user license agreements sometimes refer to their adware or spyware components, although often using very ambiguous language. Because it piggybacks on programs the user explicitly invites and installs, firewalls allow it to pass right through.

Reducing Exposure

Spyware has serious implications for law firms. Spyware might not only jeopardize the confidentiality of client information, but it might also put that information into the hands of individuals or groups who could use it to hurt a client. Correspondence, subpoena documents, deposition transcripts, memoranda ' all electronically created, stored and transmitted information is at risk.

Protecting against this threat requires technology and best practices, as outlined in the following recommendations.

• Revise information security policies.

Users often unknowingly engage in activities that risk exposure of confidential information. Updating information security policies to prohibit users from downloading freeware or shareware protects against spyware, educates users about its dangers, and heightens employees' awareness of its prevalence.

Organizations that support business use of certain freeware or shareware programs should consider purchasing ad-free versions of the same programs in order to mitigate their risk.

• Use a desktop antivirus program.

A growing number of antivirus applications now detect non-virus threats such as spyware, adware, and keystroke loggers. As with all security software, antivirus programs must be kept up-to-date for maximum effectiveness.

In addition, users are advised to use security software from trusted vendors only. A number of recent anti-spyware solutions have been found to actually introduce the adware components they purport to eradicate. Although some of these programs are free and, consequently, may appear to be a very cost-effective solution to the spyware problem, vendor reputation is a factor that must be seriously considered when selecting protection solutions.

• Use a desktop firewall.

While it is true that spyware enters a computer without alerting firewalls, the code's outbound activities can trigger a firewall that is configured to monitor when any application, whether spyware or a Web browser, attempts to access the Internet. Then, depending upon user preferences, the spyware can be blocked or allowed outbound access.

• Use a combination of ad-blocking and content-blocking software.

Spyware that exists within the HTML code on a Web site can be thwarted by ad-blocking and content-blocking software. This software prevents pop-up ads and hostile scripts from installing spyware and other malicious code when a user visits a malicious Web site.

• Delete or block unwanted cookies.

Technically, cookies are not spyware. In fact, cookies are often used by legitimate Web sites to remember user preferences each time the user returns to the site. However, adware cookies are also increasingly being used to track users' overall surfing habits. Consequently, removing user-tracking cookies reduces some of the negative impact of spyware and adware.

Several housekeeping utilities are available that clean cookies, cache, and other Internet clutter safely and quickly. In addition, newer browsers give users more control over cookies, including the ability to block them according to their domain name.

• Read license agreements.

If company information security policies allow users to download software that is not explicitly specified in the policy, then users should carefully read license agreements before downloading a program. In particular, users should look for language pertaining to profiling or sharing user information with vendor partners for marketing purposes.

However, it is equally important to recognize that many end-user license agreements either do not acknowledge their spyware components or word them in such a way that it is impossible for the user to understand. In such cases, users are advised to proceed with caution.

Information technology has slowly changed the practice of law. It started with word processing, which provided lawyers a much more efficient tool for producing a written product. Then came computer networking, document scanners, the Internet and e-mail. Each new development offered law firms the ability to provide their services at a lower cost and with fewer resource requirements.

Yet, even as the legal industry leverages IT to deliver enhanced services and improve overall business operations, Internet threats are increasing. According to the latest Symantec Internet Security Threat Report, one of the most significant threats today is malicious code that exposes confidential data such as passwords, decryption keys, keystrokes and more.

Moreover, this malicious code is entering businesses from a widening array of sources. One of the most common delivery vehicles is spyware. According to security experts, millions of PCs in homes and businesses across the world are already infested with spyware. Yet, for all its ubiquity, it remains a relatively misunderstood threat.

What is Spyware?

Spyware is software that secretly gathers information about a person, system or organization and relays that information to a third party over the Internet. Some spyware simply tracks the kinds of online advertisements a user chooses to follow, then replaces random ads with more relevant material.

However, other spyware programs have much more malicious intentions. These programs monitor keystrokes, scan files and snoop other applications such as e-mail and continuously send their findings back to the program's author or some other unknown user. This information, in turn, is either used by the recipient or sold to yet another unknown party.

Regardless of its intentions, spyware never announces itself. Furthermore, once installed, spyware is often difficult to remove as it entwines with critical system files.

Spyware's pervasiveness is due in large part to its covert nature. In most cases, users are unaware that their system is housing such code. What's more, those who are aware may not know how spyware got on their systems.

In actuality, users typically download spyware ' unknowingly ' when they install another program, particularly freeware or shareware. Freeware and shareware end-user license agreements sometimes refer to their adware or spyware components, although often using very ambiguous language. Because it piggybacks on programs the user explicitly invites and installs, firewalls allow it to pass right through.

Reducing Exposure

Spyware has serious implications for law firms. Spyware might not only jeopardize the confidentiality of client information, but it might also put that information into the hands of individuals or groups who could use it to hurt a client. Correspondence, subpoena documents, deposition transcripts, memoranda ' all electronically created, stored and transmitted information is at risk.

Protecting against this threat requires technology and best practices, as outlined in the following recommendations.

• Revise information security policies.

Users often unknowingly engage in activities that risk exposure of confidential information. Updating information security policies to prohibit users from downloading freeware or shareware protects against spyware, educates users about its dangers, and heightens employees' awareness of its prevalence.

Organizations that support business use of certain freeware or shareware programs should consider purchasing ad-free versions of the same programs in order to mitigate their risk.

• Use a desktop antivirus program.

A growing number of antivirus applications now detect non-virus threats such as spyware, adware, and keystroke loggers. As with all security software, antivirus programs must be kept up-to-date for maximum effectiveness.

In addition, users are advised to use security software from trusted vendors only. A number of recent anti-spyware solutions have been found to actually introduce the adware components they purport to eradicate. Although some of these programs are free and, consequently, may appear to be a very cost-effective solution to the spyware problem, vendor reputation is a factor that must be seriously considered when selecting protection solutions.

• Use a desktop firewall.

While it is true that spyware enters a computer without alerting firewalls, the code's outbound activities can trigger a firewall that is configured to monitor when any application, whether spyware or a Web browser, attempts to access the Internet. Then, depending upon user preferences, the spyware can be blocked or allowed outbound access.

• Use a combination of ad-blocking and content-blocking software.

Spyware that exists within the HTML code on a Web site can be thwarted by ad-blocking and content-blocking software. This software prevents pop-up ads and hostile scripts from installing spyware and other malicious code when a user visits a malicious Web site.

• Delete or block unwanted cookies.

Technically, cookies are not spyware. In fact, cookies are often used by legitimate Web sites to remember user preferences each time the user returns to the site. However, adware cookies are also increasingly being used to track users' overall surfing habits. Consequently, removing user-tracking cookies reduces some of the negative impact of spyware and adware.

Several housekeeping utilities are available that clean cookies, cache, and other Internet clutter safely and quickly. In addition, newer browsers give users more control over cookies, including the ability to block them according to their domain name.

• Read license agreements.

If company information security policies allow users to download software that is not explicitly specified in the policy, then users should carefully read license agreements before downloading a program. In particular, users should look for language pertaining to profiling or sharing user information with vendor partners for marketing purposes.

However, it is equally important to recognize that many end-user license agreements either do not acknowledge their spyware components or word them in such a way that it is impossible for the user to understand. In such cases, users are advised to proceed with caution.