Solved

Affordable (free) Antivirus solutions for business users.

Posted on 2014-01-09
13
480 Views
Last Modified: 2014-02-04
I look after many users at separate locations. Each office generally has between 3 and 25 users, mostly all working from a workgroup with 1 machine acting as a file share.

All the machines currently run Microsoft Security Essentials as they allow this to be installed for business use for more users than the other free offerings (as far as I am aware)

The machines are a mixture older low spec XP machines which can't cope with bloat AV software and then mostly Windows 7 newer machines and then a few windows 8 machines.

We had a nasty virus at one office in october which still managed to get based the MSE and then yesterday we were hit at a smaller 7 user office with the crypto locker virus.

Thankfully I had a Usb attached backup drive which at this location had only 1 backup but it was fine and I restored ok.

The other offers have some with a single usb drive attached and larger offices swap Usb drives out daily for better backup solutions.

After this scare I have asked for the daily offsite drives to be implemented at the smaller sites too, but my concern lies with virus prevention.

The company like most is struggling with the economy and so to suggest paid, subscription AV on all the machines isn't an option right now.

MSE seems to be OK, but this one virus got through and I think that was mostly because the user had managed to remove the AV software.

So I'm wondering how to keep these machines all reasonably safe from the odd user that clicks the links in the emails for UPS etc :P

Any suggestions welcome for a good strategy that isn't going to break the bank.

As they are workgroups I can't easily implement workgroup policies etc, so the machines ar mostly out of the box configurations with mapped drives.

How should I get this all ship-shape and as safe as possible?

Thanks

John
0
Comment
Question by:navjump
  • 3
  • 2
  • 2
  • +5
13 Comments
 
LVL 50

Expert Comment

by:jcimarron
ID: 39768674
navjump--
"MSE seems to be OK, but this one virus got through and I think that was mostly because the user had managed to remove the AV software."
I assume MSE is the AV to which you refer, so it would seem MSE would continue to be the best answer.  MSE did not let that virus through if MSE was turned off.
0
 

Author Comment

by:navjump
ID: 39768715
Yes sure thats something I am aware of, this post is mostly just me being very paranoid after being stung twice in 6 months with some big virus problems.

I guess thats just part of being a systems admin?

I was just hoping for a bit of guidance on how to proceed.

MSE doesn't check emails, but then I guess thats irrelevant as it checks on realtime scanning so if the links are clicked it checks on execution?
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39768736
As its not a domain environment, manually Take out admin rights from the users, let the user account as limited users. Create common admin account and password solely to be used by IT. Sometimes users unknowingly clicks links on webpages which installs many unwated junks.

You can use panda cloud avtivirus, but MSE also does a good job. Also priodically scan the workstations with Malwarebytes for cleaning malwares.

If resonable, create IT uses policy, Acceptable uses policy, IT Security policy like policy, standards or guidelines.
0
 
LVL 19

Expert Comment

by:Ken Butters
ID: 39768806
You can also use openDNS at the router level to easily restrict access to undesirable sites.
0
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 39768854
Do you use an RMM product?

It's great you want to keep costs down for your client, but this needs to be looked at from the perspective of time and expense - the only commercially free antivirus I'm aware of is ClamAV which is awful in part because it doesn't do active scanning - you can only schedule scans - it DEFINITELY would not have caught or stopped cryptolocker.  There are supposedly tools to make it active, but you WILL bill for your time, right?  You're not donating it to them?

If so, the time required to setup ClamAV could easily be 10-15 minutes per machine since this is a workgroup.  At that rate, a 10 machine network will cost 1.5-2.5 hours of labor.  I assume you charge a professional rate, so that probably somewhere between $100/150 per hour meaning total cost is $150-$375.

If you were using an RMM tool (in particular, GFI MAX) you could add Antivirus to it for (your cost) $1 per month per workstation.  You can then resell that to the client for whatever you like.  Deployment would be as simple as going into your control panel and saying to include it on the workstations.  This means BUSINESS CLASS antivirus, at cost, is $10 per month for a 10 computer network.  

Otherwise, you can buy VIPRE and typically get it at a reasonably low price and the deployment console can be setup in a workgroup and provided you have credentials, you can use it to centrally manage the network.

At the end of the day, which is likely cheaper - your labor cleaning virus infections and/or paying extortion (CryptoLocker) or buying an antivirus solution for the PCs in the network?  It's utterly foolish to refuse to buy an antivirus solution that costs $200-$300 for 10 computers for a year and pay $150 each time an infection hits to your consultant (you) to clean a machine.

And just remember and remind your clients, variants are being developed all the time and in general, before a product can successfully stop a virus, the product makers need to see it, analyze it, and create definitions to stop it.  All products have heuristic routines to try to stop the unknown, but most if not all are, by comparison to creating definitions, poor at actually stopping viruses.

By the way, unless something has changed, MSE is free for commercial use UP TO 10 computers.
0
 

Author Comment

by:navjump
ID: 39768892
Many thanks

I'm employed by the company so regardless of whether we have a virus or not the spend on IT consultancy is the same so not really the concern here.

So from the companies point if view not buying AV abs letting me resolve it IS the cheaper option. I'm just interested in what is best for them as an affordable option. The free AV seem to be pretty decent so the main issue is just making sure it is done well. I feel I do it well but felt asking here was a good wAy to check, learn and improve.

The management tool is of interest to me so I'll look into that and welcome more advice.

Thanks
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 39768925
Make sure you keep good backups. And good luck.  it sounds like the company does not properly understand the value of your time or properly setup IT systems.  If they are large enough to have an in-house IT person, the expenditure for antivirus should be pretty minimal.
0
 
LVL 12

Expert Comment

by:Sommerblink
ID: 39768983
Note that MSE in a business environment only allows up to 10 devices in a single business to be licensed for free. Please see http://windows.microsoft.com/en-us/windows/security-essentials-eula for more information.

There are AV solutions which are sold on a monthly basis, which can help with the sticker shock issue. Symantec comes to mind and my employer sells this product, but I'm not certain of the particulars or costs or how to go about licensing it, sorry not my bag.

I was checking around on some "Top 2014" lists for AV, and PCMag (used to be good when they were print-based) mentioned BitDefender, which you might want to take a look at... I kinda forgot about them, but I've used them before and were pretty good.
0
 

Author Comment

by:navjump
ID: 39769168
Thanks guys

The separate offices are separate businesses under the same umbrella I was recommended that the 10 user limit was fine. Even the larger office is 3 separate infrastructures, maybe a grey area?

It sounds like I have good systems in place under the circumstances.

I appreciate the advice
0
 
LVL 27

Expert Comment

by:tliotta
ID: 39772868
MSE can be a good choice for software professionals to use on their own systems who follow good practices, but it should not be used in a business environment nor on most home user systems except as a temporary measure until "real" protection can be installed. You might read this recent interview with Holly Stewart, senior program manager of the Microsoft Malware Protection Center, to get some background on why not. Thinking through it helps explain why MSE has been fairly steadily dropping in rankings in the past couple years.

It's very difficult business sense to think that purchasing good protection is a difficult cost to justify. That's especially true after direct evidence from "being stung twice in 6 months with some big virus problems". I'm pretty sure you understand that, but it has to be said, perhaps multiple times.

Tom
0
 
LVL 59

Expert Comment

by:LeeTutor
ID: 39830204
I've requested that this question be deleted for the following reason:

Not enough information to confirm an answer.
0
 
LVL 50

Accepted Solution

by:
jcimarron earned 500 total points
ID: 39830205
MSE worked except when it was turned off.  And in fact navjump acknowledged that in http:#a39769168
"It sounds like I have good systems in place under the circumstances. "

It seems enough information was given to confirm an answer.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

So many times I have seen the words written in a question "if only I could show you" or " I know how hard it is for you since you can't see it" in any zone. That has inspired me to write about this tool in windows 7 called "Problem Steps Recorder…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This Micro Tutorial will teach you how to change your appearance and customize your Windows 7 interface to your unique preference. This will be demonstrated using Windows 7 operating system.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now