Spyware/Grayware

Spyware and grayware refer to applications or files not classified as viruses or Trojans, but can still negatively affect the performance of the computers on the network. Spyware and grayware introduce significant security, confidentiality, and legal risks to an organization. Spyware/Grayware often performs a variety of undesired and threatening actions such as irritating users with pop-up windows, logging user keystrokes, and exposing computer vulnerabilities to attack.

Types of Spyware/Grayware

OfficeScan can perform the following actions against these spyware/grayware types: Clean, Pass, Deny Access.

How Spyware/Grayware Gets into a Network

Spyware/Grayware often gets into a corporate network when users download legitimate software that has grayware applications included in the installation package. Most software programs include an End User License Agreement (EULA), which the user has to accept before downloading. Often the EULA does include information about the application and its intended use to collect personal data; however, users often overlook this information or do not understand the legal jargon.

Potential Risks and Threats

The existence of spyware and other types of grayware on the network have the potential to introduce the following:

Guarding Against Spyware/Grayware

There are many ways to prevent the installation of spyware/grayware to a computer. Trend Micro suggests adhering to the following standard practices:

See also: