In an ideal situation, the IT guy would have his way and be able to purchase antivirus licenses for each and every computer in his organization. But now, the Finance guy wants to buy as few licenses as possible.
I'd like to ask 2 things:
1. We're thinking of installing the antivirus software only on the central servers. The central servers are where all our critical data is stored, so we are thinking that we only want to protect that. In theory, the antivirus would kinda block all viruses from getting to the server. What are the risks involved if we choose not to protect the clients and workstations?
2. Is this a common practice for companies? Do the majority of companies protect each and every PC in their organization? About how many percent of companies install antivirus in all their PCs?