Solved

Affordable (free) Antivirus solutions for business users.

Posted on 2014-01-09
13
483 Views
Last Modified: 2014-02-04
I look after many users at separate locations. Each office generally has between 3 and 25 users, mostly all working from a workgroup with 1 machine acting as a file share.

All the machines currently run Microsoft Security Essentials as they allow this to be installed for business use for more users than the other free offerings (as far as I am aware)

The machines are a mixture older low spec XP machines which can't cope with bloat AV software and then mostly Windows 7 newer machines and then a few windows 8 machines.

We had a nasty virus at one office in october which still managed to get based the MSE and then yesterday we were hit at a smaller 7 user office with the crypto locker virus.

Thankfully I had a Usb attached backup drive which at this location had only 1 backup but it was fine and I restored ok.

The other offers have some with a single usb drive attached and larger offices swap Usb drives out daily for better backup solutions.

After this scare I have asked for the daily offsite drives to be implemented at the smaller sites too, but my concern lies with virus prevention.

The company like most is struggling with the economy and so to suggest paid, subscription AV on all the machines isn't an option right now.

MSE seems to be OK, but this one virus got through and I think that was mostly because the user had managed to remove the AV software.

So I'm wondering how to keep these machines all reasonably safe from the odd user that clicks the links in the emails for UPS etc :P

Any suggestions welcome for a good strategy that isn't going to break the bank.

As they are workgroups I can't easily implement workgroup policies etc, so the machines ar mostly out of the box configurations with mapped drives.

How should I get this all ship-shape and as safe as possible?

Thanks

John
0
Comment
Question by:navjump
  • 3
  • 2
  • 2
  • +5
13 Comments
 
LVL 50

Expert Comment

by:jcimarron
ID: 39768674
navjump--
"MSE seems to be OK, but this one virus got through and I think that was mostly because the user had managed to remove the AV software."
I assume MSE is the AV to which you refer, so it would seem MSE would continue to be the best answer.  MSE did not let that virus through if MSE was turned off.
0
 

Author Comment

by:navjump
ID: 39768715
Yes sure thats something I am aware of, this post is mostly just me being very paranoid after being stung twice in 6 months with some big virus problems.

I guess thats just part of being a systems admin?

I was just hoping for a bit of guidance on how to proceed.

MSE doesn't check emails, but then I guess thats irrelevant as it checks on realtime scanning so if the links are clicked it checks on execution?
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39768736
As its not a domain environment, manually Take out admin rights from the users, let the user account as limited users. Create common admin account and password solely to be used by IT. Sometimes users unknowingly clicks links on webpages which installs many unwated junks.

You can use panda cloud avtivirus, but MSE also does a good job. Also priodically scan the workstations with Malwarebytes for cleaning malwares.

If resonable, create IT uses policy, Acceptable uses policy, IT Security policy like policy, standards or guidelines.
0
 
LVL 19

Expert Comment

by:Ken Butters
ID: 39768806
You can also use openDNS at the router level to easily restrict access to undesirable sites.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 39768854
Do you use an RMM product?

It's great you want to keep costs down for your client, but this needs to be looked at from the perspective of time and expense - the only commercially free antivirus I'm aware of is ClamAV which is awful in part because it doesn't do active scanning - you can only schedule scans - it DEFINITELY would not have caught or stopped cryptolocker.  There are supposedly tools to make it active, but you WILL bill for your time, right?  You're not donating it to them?

If so, the time required to setup ClamAV could easily be 10-15 minutes per machine since this is a workgroup.  At that rate, a 10 machine network will cost 1.5-2.5 hours of labor.  I assume you charge a professional rate, so that probably somewhere between $100/150 per hour meaning total cost is $150-$375.

If you were using an RMM tool (in particular, GFI MAX) you could add Antivirus to it for (your cost) $1 per month per workstation.  You can then resell that to the client for whatever you like.  Deployment would be as simple as going into your control panel and saying to include it on the workstations.  This means BUSINESS CLASS antivirus, at cost, is $10 per month for a 10 computer network.  

Otherwise, you can buy VIPRE and typically get it at a reasonably low price and the deployment console can be setup in a workgroup and provided you have credentials, you can use it to centrally manage the network.

At the end of the day, which is likely cheaper - your labor cleaning virus infections and/or paying extortion (CryptoLocker) or buying an antivirus solution for the PCs in the network?  It's utterly foolish to refuse to buy an antivirus solution that costs $200-$300 for 10 computers for a year and pay $150 each time an infection hits to your consultant (you) to clean a machine.

And just remember and remind your clients, variants are being developed all the time and in general, before a product can successfully stop a virus, the product makers need to see it, analyze it, and create definitions to stop it.  All products have heuristic routines to try to stop the unknown, but most if not all are, by comparison to creating definitions, poor at actually stopping viruses.

By the way, unless something has changed, MSE is free for commercial use UP TO 10 computers.
0
 

Author Comment

by:navjump
ID: 39768892
Many thanks

I'm employed by the company so regardless of whether we have a virus or not the spend on IT consultancy is the same so not really the concern here.

So from the companies point if view not buying AV abs letting me resolve it IS the cheaper option. I'm just interested in what is best for them as an affordable option. The free AV seem to be pretty decent so the main issue is just making sure it is done well. I feel I do it well but felt asking here was a good wAy to check, learn and improve.

The management tool is of interest to me so I'll look into that and welcome more advice.

Thanks
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 39768925
Make sure you keep good backups. And good luck.  it sounds like the company does not properly understand the value of your time or properly setup IT systems.  If they are large enough to have an in-house IT person, the expenditure for antivirus should be pretty minimal.
0
 
LVL 12

Expert Comment

by:Sommerblink
ID: 39768983
Note that MSE in a business environment only allows up to 10 devices in a single business to be licensed for free. Please see http://windows.microsoft.com/en-us/windows/security-essentials-eula for more information.

There are AV solutions which are sold on a monthly basis, which can help with the sticker shock issue. Symantec comes to mind and my employer sells this product, but I'm not certain of the particulars or costs or how to go about licensing it, sorry not my bag.

I was checking around on some "Top 2014" lists for AV, and PCMag (used to be good when they were print-based) mentioned BitDefender, which you might want to take a look at... I kinda forgot about them, but I've used them before and were pretty good.
0
 

Author Comment

by:navjump
ID: 39769168
Thanks guys

The separate offices are separate businesses under the same umbrella I was recommended that the 10 user limit was fine. Even the larger office is 3 separate infrastructures, maybe a grey area?

It sounds like I have good systems in place under the circumstances.

I appreciate the advice
0
 
LVL 27

Expert Comment

by:tliotta
ID: 39772868
MSE can be a good choice for software professionals to use on their own systems who follow good practices, but it should not be used in a business environment nor on most home user systems except as a temporary measure until "real" protection can be installed. You might read this recent interview with Holly Stewart, senior program manager of the Microsoft Malware Protection Center, to get some background on why not. Thinking through it helps explain why MSE has been fairly steadily dropping in rankings in the past couple years.

It's very difficult business sense to think that purchasing good protection is a difficult cost to justify. That's especially true after direct evidence from "being stung twice in 6 months with some big virus problems". I'm pretty sure you understand that, but it has to be said, perhaps multiple times.

Tom
0
 
LVL 59

Expert Comment

by:LeeTutor
ID: 39830204
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
0
 
LVL 50

Accepted Solution

by:
jcimarron earned 500 total points
ID: 39830205
MSE worked except when it was turned off.  And in fact navjump acknowledged that in http:#a39769168
"It sounds like I have good systems in place under the circumstances. "

It seems enough information was given to confirm an answer.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 10 4 37
cant ping a windows 10 computer 12 54
Mouse goes crazy when flash drive is inserted 7 42
Mapped Network Drive Multiplying - Windows 7 - 64 Bit 6 30
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
A quick guide on how to use Group Policy to create a custom power plan and set it active on Windows 7.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now