Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Affordable (free) Antivirus solutions for business users.

Posted on 2014-01-09
Medium Priority
Last Modified: 2014-02-04
I look after many users at separate locations. Each office generally has between 3 and 25 users, mostly all working from a workgroup with 1 machine acting as a file share.

All the machines currently run Microsoft Security Essentials as they allow this to be installed for business use for more users than the other free offerings (as far as I am aware)

The machines are a mixture older low spec XP machines which can't cope with bloat AV software and then mostly Windows 7 newer machines and then a few windows 8 machines.

We had a nasty virus at one office in october which still managed to get based the MSE and then yesterday we were hit at a smaller 7 user office with the crypto locker virus.

Thankfully I had a Usb attached backup drive which at this location had only 1 backup but it was fine and I restored ok.

The other offers have some with a single usb drive attached and larger offices swap Usb drives out daily for better backup solutions.

After this scare I have asked for the daily offsite drives to be implemented at the smaller sites too, but my concern lies with virus prevention.

The company like most is struggling with the economy and so to suggest paid, subscription AV on all the machines isn't an option right now.

MSE seems to be OK, but this one virus got through and I think that was mostly because the user had managed to remove the AV software.

So I'm wondering how to keep these machines all reasonably safe from the odd user that clicks the links in the emails for UPS etc :P

Any suggestions welcome for a good strategy that isn't going to break the bank.

As they are workgroups I can't easily implement workgroup policies etc, so the machines ar mostly out of the box configurations with mapped drives.

How should I get this all ship-shape and as safe as possible?


Question by:navjump
  • 3
  • 2
  • 2
  • +5
LVL 50

Expert Comment

ID: 39768674
"MSE seems to be OK, but this one virus got through and I think that was mostly because the user had managed to remove the AV software."
I assume MSE is the AV to which you refer, so it would seem MSE would continue to be the best answer.  MSE did not let that virus through if MSE was turned off.

Author Comment

ID: 39768715
Yes sure thats something I am aware of, this post is mostly just me being very paranoid after being stung twice in 6 months with some big virus problems.

I guess thats just part of being a systems admin?

I was just hoping for a bit of guidance on how to proceed.

MSE doesn't check emails, but then I guess thats irrelevant as it checks on realtime scanning so if the links are clicked it checks on execution?
LVL 11

Expert Comment

ID: 39768736
As its not a domain environment, manually Take out admin rights from the users, let the user account as limited users. Create common admin account and password solely to be used by IT. Sometimes users unknowingly clicks links on webpages which installs many unwated junks.

You can use panda cloud avtivirus, but MSE also does a good job. Also priodically scan the workstations with Malwarebytes for cleaning malwares.

If resonable, create IT uses policy, Acceptable uses policy, IT Security policy like policy, standards or guidelines.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 19

Expert Comment

by:Ken Butters
ID: 39768806
You can also use openDNS at the router level to easily restrict access to undesirable sites.
LVL 97

Expert Comment

by:Lee W, MVP
ID: 39768854
Do you use an RMM product?

It's great you want to keep costs down for your client, but this needs to be looked at from the perspective of time and expense - the only commercially free antivirus I'm aware of is ClamAV which is awful in part because it doesn't do active scanning - you can only schedule scans - it DEFINITELY would not have caught or stopped cryptolocker.  There are supposedly tools to make it active, but you WILL bill for your time, right?  You're not donating it to them?

If so, the time required to setup ClamAV could easily be 10-15 minutes per machine since this is a workgroup.  At that rate, a 10 machine network will cost 1.5-2.5 hours of labor.  I assume you charge a professional rate, so that probably somewhere between $100/150 per hour meaning total cost is $150-$375.

If you were using an RMM tool (in particular, GFI MAX) you could add Antivirus to it for (your cost) $1 per month per workstation.  You can then resell that to the client for whatever you like.  Deployment would be as simple as going into your control panel and saying to include it on the workstations.  This means BUSINESS CLASS antivirus, at cost, is $10 per month for a 10 computer network.  

Otherwise, you can buy VIPRE and typically get it at a reasonably low price and the deployment console can be setup in a workgroup and provided you have credentials, you can use it to centrally manage the network.

At the end of the day, which is likely cheaper - your labor cleaning virus infections and/or paying extortion (CryptoLocker) or buying an antivirus solution for the PCs in the network?  It's utterly foolish to refuse to buy an antivirus solution that costs $200-$300 for 10 computers for a year and pay $150 each time an infection hits to your consultant (you) to clean a machine.

And just remember and remind your clients, variants are being developed all the time and in general, before a product can successfully stop a virus, the product makers need to see it, analyze it, and create definitions to stop it.  All products have heuristic routines to try to stop the unknown, but most if not all are, by comparison to creating definitions, poor at actually stopping viruses.

By the way, unless something has changed, MSE is free for commercial use UP TO 10 computers.

Author Comment

ID: 39768892
Many thanks

I'm employed by the company so regardless of whether we have a virus or not the spend on IT consultancy is the same so not really the concern here.

So from the companies point if view not buying AV abs letting me resolve it IS the cheaper option. I'm just interested in what is best for them as an affordable option. The free AV seem to be pretty decent so the main issue is just making sure it is done well. I feel I do it well but felt asking here was a good wAy to check, learn and improve.

The management tool is of interest to me so I'll look into that and welcome more advice.

LVL 97

Expert Comment

by:Lee W, MVP
ID: 39768925
Make sure you keep good backups. And good luck.  it sounds like the company does not properly understand the value of your time or properly setup IT systems.  If they are large enough to have an in-house IT person, the expenditure for antivirus should be pretty minimal.
LVL 12

Expert Comment

ID: 39768983
Note that MSE in a business environment only allows up to 10 devices in a single business to be licensed for free. Please see http://windows.microsoft.com/en-us/windows/security-essentials-eula for more information.

There are AV solutions which are sold on a monthly basis, which can help with the sticker shock issue. Symantec comes to mind and my employer sells this product, but I'm not certain of the particulars or costs or how to go about licensing it, sorry not my bag.

I was checking around on some "Top 2014" lists for AV, and PCMag (used to be good when they were print-based) mentioned BitDefender, which you might want to take a look at... I kinda forgot about them, but I've used them before and were pretty good.

Author Comment

ID: 39769168
Thanks guys

The separate offices are separate businesses under the same umbrella I was recommended that the 10 user limit was fine. Even the larger office is 3 separate infrastructures, maybe a grey area?

It sounds like I have good systems in place under the circumstances.

I appreciate the advice
LVL 27

Expert Comment

ID: 39772868
MSE can be a good choice for software professionals to use on their own systems who follow good practices, but it should not be used in a business environment nor on most home user systems except as a temporary measure until "real" protection can be installed. You might read this recent interview with Holly Stewart, senior program manager of the Microsoft Malware Protection Center, to get some background on why not. Thinking through it helps explain why MSE has been fairly steadily dropping in rankings in the past couple years.

It's very difficult business sense to think that purchasing good protection is a difficult cost to justify. That's especially true after direct evidence from "being stung twice in 6 months with some big virus problems". I'm pretty sure you understand that, but it has to be said, perhaps multiple times.

LVL 59

Expert Comment

ID: 39830204
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
LVL 50

Accepted Solution

jcimarron earned 2000 total points
ID: 39830205
MSE worked except when it was turned off.  And in fact navjump acknowledged that in http:#a39769168
"It sounds like I have good systems in place under the circumstances. "

It seems enough information was given to confirm an answer.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
If you are like me and like multiple layers of protection, read on!
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question