Ban downloads and implement personal firewalls to protect corporate systems
Trojans, worms and viruses continue to hog the headlines and diligent network managers have powerful firewalling, anti-virus and patch management policies protecting the fortress. But what good is all this if a Trojan can enter through the front gate?
Spyware is any software unwittingly downloaded that gathers information about the user and the network. Sometimes the user pulls in spyware without realising the danger, sometimes it arrives through secret passages in the browser code. Once inside, it gathers information to build a profile of the user's habits and online environment. It breaches the firewall with the implicit permission of the user.
At its simplest, spyware may only be a cookie, a small text file downloaded through the browser by virtually all websites. Cookies come in two main varieties. The vanilla variety is arguably well meant and useful. It stores personal information so a visitor can re-enter a website without typing in their user name and password. They may also store preferences for personalised pages, usually called "My something".
When a cookie is recognised on a user's computer, scripts can track them around the site and gain more information about the visitor's interests and preferences. Typically benevolent, the cookie is only accessible to the originating website and is only active while the user is on that site. Another example is the shopping trolley cookie, which "carries" your purchases to the virtual checkout and then self-destructs.
http://www.computerweekly.com/articles/article.asp?liArticleID=126797

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic