navjump
asked on
Affordable (free) Antivirus solutions for business users.
I look after many users at separate locations. Each office generally has between 3 and 25 users, mostly all working from a workgroup with 1 machine acting as a file share.
All the machines currently run Microsoft Security Essentials as they allow this to be installed for business use for more users than the other free offerings (as far as I am aware)
The machines are a mixture older low spec XP machines which can't cope with bloat AV software and then mostly Windows 7 newer machines and then a few windows 8 machines.
We had a nasty virus at one office in october which still managed to get based the MSE and then yesterday we were hit at a smaller 7 user office with the crypto locker virus.
Thankfully I had a Usb attached backup drive which at this location had only 1 backup but it was fine and I restored ok.
The other offers have some with a single usb drive attached and larger offices swap Usb drives out daily for better backup solutions.
After this scare I have asked for the daily offsite drives to be implemented at the smaller sites too, but my concern lies with virus prevention.
The company like most is struggling with the economy and so to suggest paid, subscription AV on all the machines isn't an option right now.
MSE seems to be OK, but this one virus got through and I think that was mostly because the user had managed to remove the AV software.
So I'm wondering how to keep these machines all reasonably safe from the odd user that clicks the links in the emails for UPS etc :P
Any suggestions welcome for a good strategy that isn't going to break the bank.
As they are workgroups I can't easily implement workgroup policies etc, so the machines ar mostly out of the box configurations with mapped drives.
How should I get this all ship-shape and as safe as possible?
Thanks
John
All the machines currently run Microsoft Security Essentials as they allow this to be installed for business use for more users than the other free offerings (as far as I am aware)
The machines are a mixture older low spec XP machines which can't cope with bloat AV software and then mostly Windows 7 newer machines and then a few windows 8 machines.
We had a nasty virus at one office in october which still managed to get based the MSE and then yesterday we were hit at a smaller 7 user office with the crypto locker virus.
Thankfully I had a Usb attached backup drive which at this location had only 1 backup but it was fine and I restored ok.
The other offers have some with a single usb drive attached and larger offices swap Usb drives out daily for better backup solutions.
After this scare I have asked for the daily offsite drives to be implemented at the smaller sites too, but my concern lies with virus prevention.
The company like most is struggling with the economy and so to suggest paid, subscription AV on all the machines isn't an option right now.
MSE seems to be OK, but this one virus got through and I think that was mostly because the user had managed to remove the AV software.
So I'm wondering how to keep these machines all reasonably safe from the odd user that clicks the links in the emails for UPS etc :P
Any suggestions welcome for a good strategy that isn't going to break the bank.
As they are workgroups I can't easily implement workgroup policies etc, so the machines ar mostly out of the box configurations with mapped drives.
How should I get this all ship-shape and as safe as possible?
Thanks
John
ASKER
Yes sure thats something I am aware of, this post is mostly just me being very paranoid after being stung twice in 6 months with some big virus problems.
I guess thats just part of being a systems admin?
I was just hoping for a bit of guidance on how to proceed.
MSE doesn't check emails, but then I guess thats irrelevant as it checks on realtime scanning so if the links are clicked it checks on execution?
I guess thats just part of being a systems admin?
I was just hoping for a bit of guidance on how to proceed.
MSE doesn't check emails, but then I guess thats irrelevant as it checks on realtime scanning so if the links are clicked it checks on execution?
As its not a domain environment, manually Take out admin rights from the users, let the user account as limited users. Create common admin account and password solely to be used by IT. Sometimes users unknowingly clicks links on webpages which installs many unwated junks.
You can use panda cloud avtivirus, but MSE also does a good job. Also priodically scan the workstations with Malwarebytes for cleaning malwares.
If resonable, create IT uses policy, Acceptable uses policy, IT Security policy like policy, standards or guidelines.
You can use panda cloud avtivirus, but MSE also does a good job. Also priodically scan the workstations with Malwarebytes for cleaning malwares.
If resonable, create IT uses policy, Acceptable uses policy, IT Security policy like policy, standards or guidelines.
You can also use openDNS at the router level to easily restrict access to undesirable sites.
Do you use an RMM product?
It's great you want to keep costs down for your client, but this needs to be looked at from the perspective of time and expense - the only commercially free antivirus I'm aware of is ClamAV which is awful in part because it doesn't do active scanning - you can only schedule scans - it DEFINITELY would not have caught or stopped cryptolocker. There are supposedly tools to make it active, but you WILL bill for your time, right? You're not donating it to them?
If so, the time required to setup ClamAV could easily be 10-15 minutes per machine since this is a workgroup. At that rate, a 10 machine network will cost 1.5-2.5 hours of labor. I assume you charge a professional rate, so that probably somewhere between $100/150 per hour meaning total cost is $150-$375.
If you were using an RMM tool (in particular, GFI MAX) you could add Antivirus to it for (your cost) $1 per month per workstation. You can then resell that to the client for whatever you like. Deployment would be as simple as going into your control panel and saying to include it on the workstations. This means BUSINESS CLASS antivirus, at cost, is $10 per month for a 10 computer network.
Otherwise, you can buy VIPRE and typically get it at a reasonably low price and the deployment console can be setup in a workgroup and provided you have credentials, you can use it to centrally manage the network.
At the end of the day, which is likely cheaper - your labor cleaning virus infections and/or paying extortion (CryptoLocker) or buying an antivirus solution for the PCs in the network? It's utterly foolish to refuse to buy an antivirus solution that costs $200-$300 for 10 computers for a year and pay $150 each time an infection hits to your consultant (you) to clean a machine.
And just remember and remind your clients, variants are being developed all the time and in general, before a product can successfully stop a virus, the product makers need to see it, analyze it, and create definitions to stop it. All products have heuristic routines to try to stop the unknown, but most if not all are, by comparison to creating definitions, poor at actually stopping viruses.
By the way, unless something has changed, MSE is free for commercial use UP TO 10 computers.
It's great you want to keep costs down for your client, but this needs to be looked at from the perspective of time and expense - the only commercially free antivirus I'm aware of is ClamAV which is awful in part because it doesn't do active scanning - you can only schedule scans - it DEFINITELY would not have caught or stopped cryptolocker. There are supposedly tools to make it active, but you WILL bill for your time, right? You're not donating it to them?
If so, the time required to setup ClamAV could easily be 10-15 minutes per machine since this is a workgroup. At that rate, a 10 machine network will cost 1.5-2.5 hours of labor. I assume you charge a professional rate, so that probably somewhere between $100/150 per hour meaning total cost is $150-$375.
If you were using an RMM tool (in particular, GFI MAX) you could add Antivirus to it for (your cost) $1 per month per workstation. You can then resell that to the client for whatever you like. Deployment would be as simple as going into your control panel and saying to include it on the workstations. This means BUSINESS CLASS antivirus, at cost, is $10 per month for a 10 computer network.
Otherwise, you can buy VIPRE and typically get it at a reasonably low price and the deployment console can be setup in a workgroup and provided you have credentials, you can use it to centrally manage the network.
At the end of the day, which is likely cheaper - your labor cleaning virus infections and/or paying extortion (CryptoLocker) or buying an antivirus solution for the PCs in the network? It's utterly foolish to refuse to buy an antivirus solution that costs $200-$300 for 10 computers for a year and pay $150 each time an infection hits to your consultant (you) to clean a machine.
And just remember and remind your clients, variants are being developed all the time and in general, before a product can successfully stop a virus, the product makers need to see it, analyze it, and create definitions to stop it. All products have heuristic routines to try to stop the unknown, but most if not all are, by comparison to creating definitions, poor at actually stopping viruses.
By the way, unless something has changed, MSE is free for commercial use UP TO 10 computers.
ASKER
Many thanks
I'm employed by the company so regardless of whether we have a virus or not the spend on IT consultancy is the same so not really the concern here.
So from the companies point if view not buying AV abs letting me resolve it IS the cheaper option. I'm just interested in what is best for them as an affordable option. The free AV seem to be pretty decent so the main issue is just making sure it is done well. I feel I do it well but felt asking here was a good wAy to check, learn and improve.
The management tool is of interest to me so I'll look into that and welcome more advice.
Thanks
I'm employed by the company so regardless of whether we have a virus or not the spend on IT consultancy is the same so not really the concern here.
So from the companies point if view not buying AV abs letting me resolve it IS the cheaper option. I'm just interested in what is best for them as an affordable option. The free AV seem to be pretty decent so the main issue is just making sure it is done well. I feel I do it well but felt asking here was a good wAy to check, learn and improve.
The management tool is of interest to me so I'll look into that and welcome more advice.
Thanks
Make sure you keep good backups. And good luck. it sounds like the company does not properly understand the value of your time or properly setup IT systems. If they are large enough to have an in-house IT person, the expenditure for antivirus should be pretty minimal.
Note that MSE in a business environment only allows up to 10 devices in a single business to be licensed for free. Please see http://windows.microsoft.com/en-us/windows/security-essentials-eula for more information.
There are AV solutions which are sold on a monthly basis, which can help with the sticker shock issue. Symantec comes to mind and my employer sells this product, but I'm not certain of the particulars or costs or how to go about licensing it, sorry not my bag.
I was checking around on some "Top 2014" lists for AV, and PCMag (used to be good when they were print-based) mentioned BitDefender, which you might want to take a look at... I kinda forgot about them, but I've used them before and were pretty good.
There are AV solutions which are sold on a monthly basis, which can help with the sticker shock issue. Symantec comes to mind and my employer sells this product, but I'm not certain of the particulars or costs or how to go about licensing it, sorry not my bag.
I was checking around on some "Top 2014" lists for AV, and PCMag (used to be good when they were print-based) mentioned BitDefender, which you might want to take a look at... I kinda forgot about them, but I've used them before and were pretty good.
ASKER
Thanks guys
The separate offices are separate businesses under the same umbrella I was recommended that the 10 user limit was fine. Even the larger office is 3 separate infrastructures, maybe a grey area?
It sounds like I have good systems in place under the circumstances.
I appreciate the advice
The separate offices are separate businesses under the same umbrella I was recommended that the 10 user limit was fine. Even the larger office is 3 separate infrastructures, maybe a grey area?
It sounds like I have good systems in place under the circumstances.
I appreciate the advice
MSE can be a good choice for software professionals to use on their own systems who follow good practices, but it should not be used in a business environment nor on most home user systems except as a temporary measure until "real" protection can be installed. You might read this recent interview with Holly Stewart, senior program manager of the Microsoft Malware Protection Center, to get some background on why not. Thinking through it helps explain why MSE has been fairly steadily dropping in rankings in the past couple years.
It's very difficult business sense to think that purchasing good protection is a difficult cost to justify. That's especially true after direct evidence from "being stung twice in 6 months with some big virus problems". I'm pretty sure you understand that, but it has to be said, perhaps multiple times.
Tom
It's very difficult business sense to think that purchasing good protection is a difficult cost to justify. That's especially true after direct evidence from "being stung twice in 6 months with some big virus problems". I'm pretty sure you understand that, but it has to be said, perhaps multiple times.
Tom
I've requested that this question be deleted for the following reason:
Not enough information to confirm an answer.
Not enough information to confirm an answer.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
"MSE seems to be OK, but this one virus got through and I think that was mostly because the user had managed to remove the AV software."
I assume MSE is the AV to which you refer, so it would seem MSE would continue to be the best answer. MSE did not let that virus through if MSE was turned off.