Home
Join

49 Replies

  • You are dealing with a business need. Free is not really an option when you look at the EULA of most of the reasonable names. "We don't want to spend money" doesn't cover it when they lose all their data. Do what you must, but some things shouldn't be sacrificed because the pain later will be much larger than the cost of the software.

    Windows Defender or Comodo are really all that would meet your requirements that I'm aware of. I would just stick with Windows Defender if you aren't going to spend the money to get something.

    Good Luck

    Spice (25) flagReport
    8 found this helpful thumb_up thumb_down
  • If you are working at a small company that doesn't have the money for proper malware protection, get out that resume and start looking for a more stable place of employment.

    Spice (19) flagReport
    7 of 13 found this helpful thumb_up thumb_down
  • Defender is fine, security is all about layers, have good firewalls, web filters, spam filters, Software Restriction Policies in place, good security practices and other things, you should be fine running Defender as a last line. Things should not get to that last line often. And have controls in place if it does. 
    Spice (15) flagReport
    2 found this helpful thumb_up thumb_down
  • Honestly as the others have said, when it comes to business, especially smaller businesses, until something goes wrong they won't consider paying for anything they don't have to.

    The embedded Windows Defender has gotten significantly better over the years, it's still not perfect as without paying it doesn't have a centalised control panel, but it's better than nothing!

    It depends on their "Downtime cost". E.G. How much does it cost the company per hour of downtime from say, ransomware? If they say nothing, then no paid antivirus needed!

    Spice (6) flagReport
    1 found this helpful thumb_up thumb_down
  • I'd stick with the integrated Windows Defender, but I would go through and turn off the ability for the end user to manage it.  This way it never gets turned off.

    Spice (14) flagReport
    1 found this helpful thumb_up thumb_down
  • Are they not wanting to spend on A/V bc of security spending elsewhere on the other layers?  
    Are they interested in using chromebooks instead of windows machines?


    Spice (2) flagReport
    Was this post helpful? thumb_up thumb_down
  • I haven't found a suitable product that detects AND removes for free. HitManPro used to be a good one, but also requires a license to remove what it finds last I checked. Buying a license for Malwarebytes is very cheap compared to alternatives, and it's the cost of doing business. Otherwise, you could reset Windows, but you know, people don't typically like that option...

    Was this post helpful? thumb_up thumb_down
  • I have to concur that Windows or Microsoft Defender has really upped its game.

    Multiple layers of protection

    But still even with the best Antivirus, you will occasionally get Potentially Unwanted Programs (PUPs).

    How about ADWCleaner for an occasional manual cleanup?

    AFAIK, ADWCleaner from Malwarebytes is free.  

    Spice (3) flagReport
    2 found this helpful thumb_up thumb_down
  • https://www.superantispyware.com/

    This is pretty decent with free edition.

    Best to have a firewall or something to intercept content between internet and office.

    You may delve into one of these if they are adventurous:

    https://www.techradar.com/best/best-free-linux-firewalls

    https://www.ipfire.org

    This AV is free but not on-demand scanning: https://clamwin.com/

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • by chance do you pay for any office365 licenses?

    Was this post helpful? thumb_up thumb_down
  • Windows Defender coupled with aggressive firewalls that can block both outgoing and incoming traffic with intrusion protection packages has kept me out of trouble since 2008. In addition, set up GPO that bans user accounts from writing to sensitive areas of the OS. There will be false positives and problems with users trying to install software themselves, but tell your boss that is the cost of providing enterprise security.

    Was this post helpful? thumb_up thumb_down
  • Scenic Overview - Your actual security-policy drivers:

    • Effectiveness of blocking malware / intrusion
    • Your insurable posture and reasonable diligence -- you may need to defend yourself from a lawsuit at some point if one of your users, or worse, a client, is affected by a breach. Do annual training, even if it's brief.  Document whatever firewall you have.
    Nitty Gritty Answer to Your Question
    • You're probably fine with the built-in protections, both Windows and Mac at this point;
    • DRILL into your users the mantra -- if in doubt, don't click it!  
    • Your users are your actual vulnerability at this point in technological time.
    • Check out the automation of a banner applied on incoming external email.  These can be effective.

    Scenic Underview

    • There is no such thing as free. 
    • Someone has to buy the servers, pay the electric bill, even if s/he does the whole thing as a hobby. 
    • Figure out how you are paying, if you think you are getting something for free.   It isn't free, and it's not a responsible corporate posture to believe in such a thing.
    Spice (3) flagReport
    Was this post helpful? thumb_up thumb_down
  • What you are really missing, and in a company of that scale I believe you absolutely need it, is the centralized management. With a standalone management, in the end of the year you will count plenty of hours that will have been spent on running around, troubleshooting something, checking what user told you is going wrong with the antivirus, recovering one by one the computers that were hit by some malware and cannot be cleaned, reconfiguring your antivirus product etc. And yet all of these will be done in a non consistent way. Imagine you need to allow / block something on client antivirus software, will you go on all of the computers to do so? Most of the times that will be prioritized as less important just because it is a whole project. And, still you will have lost a great deal of time that you could have invested into staying up to date with ongoing technologies, threats, etc and into improving your systems which is a benefit for the company itself. That's your best argument for your boss.

    Spice (4) flagReport
    1 found this helpful thumb_up thumb_down
  • Windows Defender is actually pretty competent but like Morris says you've actually got 100 instances to manage and monitor.

    I'm amazed with all the stories about ransomware and data breaches you're company doesn't consider cybersecurity of some sort a necessity. If you're using any Microsoft 365 products you may have Defender ATP depending on your licenses.  

    I'm a big fan of MalwareBytes as a belt & braces solution with a "traditional" AV, the paid for version is very good!

    Was this post helpful? thumb_up thumb_down
  • Defender and Malwarebytes

    Spice (2) flagReport
    Was this post helpful? thumb_up thumb_down
  • Is Windows Defender really good enough. I use Webroot for three reasons. They seem to be quite good at protection. They also warn us of unsafe websites and lastly the dashboard makes it easy to see what computers have anti virus, what versions and I get alerts when a pc has a virus or malware infection.

    I speak under correction, but I don't believe that Windows Defender provides that central management? Nor does it warn of unsafe website as far as I am aware? But I have heard that Windows Defender do seem to offer good protection against viruses nowadays. But how true that is I don't know.

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • If i had no alternative i would install avast while turning a blind eye to the fact I was basically stealing it. :/

    Then when the company can afford it buy the licence.

    Alternatively infect them with the "eicar test virus" and tell them luckily you caught it but had they not bought AV then they might have lost all their data!

    That might ship them into doing the right thing.

    Spice (2) flagReport
    0 of 1 found this helpful thumb_up thumb_down
  • A couple of others have said Malwarebytes for a free solution. I agree, as they have a very effective free version, but it doesn't run in real time like a licensed version of it. It's better than nothing, but you'd be relying on your users to actively scan for threats. Windows Defender, especially if you have 365 licenses, is more than competent, and then if you'd really prefer other options, there are free antiviruses like Avast!, Bitdefender, Kaspersky, etc. They're all fine, but Windows Defender would still probably be your best option for an all in one solution.

    And if you're in a situation where the business doesn't see the value in purchasing licenses for additional antimalware/antivirus support, you'll want to explain why it is important. Try to quantify how long it would take you to resolve a virus that is spreading through the network and how much of a business, and monetary, impact that would take. If you can make the cost of getting licenses for all users cheaper than the cost of risking computer downtime that affects revenue, they should be more open to following your advice.

    Was this post helpful? thumb_up thumb_down
  • Wow - I didn't expect this thread to blow up with so many responses.  Thank you very much to everyone that replied and offered insight and recommendations - I kind of had a feeling there wasn't a "free" product and if we want to stay protected we will have to pony up and pay.  We do use Office 365 with Business Standard licenses, isn't ATP just a security feature built into Office 365 similar to something like Barracuda that monitors email traffic for phishing attempts etc?  I am using ITarian Endpoint Management to monitor all end points and make sure they are up to date on Windows Updates as well as Security Definitions.  I will look into ADWCleaner to clear out any PUP's as well as advise my company yet again that Cyber Security should be at the top of our lists of wanted protection.

    Spice (2) flagReport
    Was this post helpful? thumb_up thumb_down
  • I'm a fan of Webroot, too -- it's very lightweight, so it doesn't impact performance, and it does a good job -- i think the cost is low, too.  We use Cylance and are looking at 24/7 managed solutions, but then we're starting to talk $ that it sounds like your co won't want to part with -- if i wasn't the one that would somehow have to fix whatever went wrong relying only on WinDef then if the network got infected i'd say, "I told you so" 😣😃

    Was this post helpful? thumb_up thumb_down
  • jkalber wrote:

      We do use Office 365 with Business Standard licenses, isn't ATP just a security feature built into Office 365 similar to something like Barracuda that monitors email traffic for phishing attempts etc?

    Yes,  there is an addon for Office365 that gets you the managed version of windows defender ATP

    https://www.microsoft.com/en-us/security/business/threat-protection/endpoint-defender

    You can buy it as a stand alone add on or it comes with some of the higher office365 license packages. I suggest taking a detailed look at the options with your rep as there are a lot of security related addons and benefits to upgrading your office365.  The bundles include a lot of functionality that is not obvious. 

    People usually just think of office365 as Email and Office apps but it goes way beyond that into management and systems as well. Thinks like Endpoint Security, Intune, MDM, Autopilot, server cals, Azure Premium, 2fa,  etc. its a really long list actually and covers a lot of our day to day management and security needs.

    2 found this helpful thumb_up thumb_down
  • The built in Windows Defender is a pretty good all around program. If you stick to the free version instead of the Microsoft ATP you lose the IT management pane of glass. Defender updates and scans in the background on it's own but if you want to create a schedule you can run a CMD script with these lines:

    cd %ProgramFiles%\Windows Defender
    MpCmdRun.exe -removedefinitions -dynamicsignatures
    MpCmdRun.exe -SignatureUpdate
    MpCmdRun.exe -Scan

    You could always use the argument too with leadership that it's cheaper to pay for preventative security than for ransomware recovery. Which has been on the rise the last couple of years.

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • I was disappointed when Malwarebytes wanted me to pay to remove crap on my PCs. It's almost ransomware in a way IMO. I can understand paying for a continuous, real-time protection service but I should be able to quarantine stuff the free version finds, for free...

    Anyway, I found this other program called MalwareFox where the free version has detection and removal, as it should be. I do also recommend pairing it with ADWCleaner.
    https://www.malwarefox.com/

    Spice (1) flagReport
    1 of 2 found this helpful thumb_up thumb_down
  • At work and at home we've always paid for some AV (McAfee, Norton, Sophos, BitDefender or AVG). It's a justifiable and smart business expense. 

    In my mind it's no different than buying a lock and key for your home or business's front door, back door, windows or any other perimeter entrance.

    As for free AV, I use Malwarebytes as a second opinion when a systems need scanning.

    Was this post helpful? thumb_up thumb_down
  • as others have said defender is your best bet. 
    i would make sure that the higher ups understand the value of security. 
    what are the costs ($$$) is someone cant work for a day because of a dead laptop?
    what are the costs ($$$) if someone's email or other application gets hacked?
    what are the costs ($$$) if the company gets ransomware? 
    if $ is really out of the question... the two biggest places for security issues are Unpatched software and Social Engineering. 
    aka, if you dont have good security, then you better make sure you are doing all you can to make sure all software and OS's are updated. 
    and your users are trained on how to spot and handle phishing attempts and stuff. 
    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • No company has an infinite amount of money to spend (unless they are a government) so it is always a matter of allocation.  Choosing not to allocate monies for security is a bold decision.  Windows Defender is a good choice for work stations.  You don't mention servers.  Surely you are allocating funds for server protection...

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • Random Parts wrote:

    The built in Windows Defender is a pretty good all around program. If you stick to the free version instead of the Microsoft ATP you lose the IT management pane of glass. Defender updates and scans in the background on it's own but if you want to create a schedule you can run a CMD script with these lines:

    cd %ProgramFiles%\Windows Defender
    MpCmdRun.exe -removedefinitions -dynamicsignatures
    MpCmdRun.exe -SignatureUpdate
    MpCmdRun.exe -Scan

    You could always use the argument too with leadership that it's cheaper to pay for preventative security than for ransomware recovery. Which has been on the rise the last couple of years.

    If you go this route you will also have to go machine by machine to enable all of the services in defender so you get the best protection

    Was this post helpful? thumb_up thumb_down
  • Somewhat unrelated, but what's your email security strategy like? Are you blocking malicious senders and maybe even running phishing simulations campaigns? Don't forget about email security!

    Spice (1) flagReport
    1 found this helpful thumb_up thumb_down
  • AndrewWilson5454 wrote:

    Somewhat unrelated, but what's your email security strategy like? Are you blocking malicious senders and maybe even running phishing simulations campaigns? Don't forget about email security!

    For every phishing or spam email we receive - I add the senders domain to our spam filter policy. 

    Was this post helpful? thumb_up thumb_down
  • jkalber wrote:

    AndrewWilson5454 wrote:

    Somewhat unrelated, but what's your email security strategy like? Are you blocking malicious senders and maybe even running phishing simulations campaigns? Don't forget about email security!

    For every phishing or spam email we receive - I add the senders domain to our spam filter policy. 

    That is a very labor intensive, losing game of whack a mole. I get why you do it, but it isn't providing effective protection to your systems and users

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • molan wrote:

    jkalber wrote:

    AndrewWilson5454 wrote:

    Somewhat unrelated, but what's your email security strategy like? Are you blocking malicious senders and maybe even running phishing simulations campaigns? Don't forget about email security!

    For every phishing or spam email we receive - I add the senders domain to our spam filter policy. 

    That is a very labor intensive, losing game of whack a mole. I get why you do it, but it isn't providing effective protection to your systems and users

    Yes - it is very labor intensive.  What other options would you recommend to block incoming phishing emails?

    Was this post helpful? thumb_up thumb_down
  • Hey OP - We do have some free tools for you to check for security risks, remove viruses and protect your network (including our Hitman PRO Malware Removal Tool, and Virus Removal Tool): https://secure2.sophos.com/en-us/products/free-tools.aspx

    Of course, if you want more protection, I'd recommend checking out our Endpoint Protection solution for future plans: https://www.sophos.com/en-us/products/endpoint-antivirus.aspx

    Spice (2) flagReport
    1 found this helpful thumb_up thumb_down
  • The blocking phishing email question made me think of this -- we're going to implement it in addition to some other solutions:


    Just another alternative to throw in the mix :)

    (And Sophos is definitely a cool company with cool solutions) 👍

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • The big issue is support.

    Free software generally gives you KB and wishes you luck.

    If you're company isn't willing to buy some malware/virus protection, I would look at leaving. They are setting you up to fail, and fail hard. Especially with the rise in popularity of ransomware as of late.

    Spice (3) flagReport
    2 found this helpful thumb_up thumb_down
  • There are two options I know and have used that will still scan and remove malware for free. But as others have said, if you're a business they want you to buy it. That said, if you ignore the morality, you can use either ESET Online Scanner or Trend Micro HouseCall. They are both way slower when using the free version. Be prepared for 15 to 20 minutes for each. On really poor performing computers, or severely infected ones, I've seen ESET take a few hours. When I first got to this company I had to run it on one computer that was full of junk. It took over 12 hours, but it also removed over 3,200 PUP's. For free. 

    Edit: Just to be clear, using the free scanners was before this company switched to CB Defense. The IT posture here is completely different than it was then.

    ESET Online Scanner:

    https://www.eset.com/me/home/online-scanner/

    Trend Micro HouseCall:

    https://www.trendmicro.com/en_us/forHome/products/housecall.html

    Spice (2) flagReport
    2 found this helpful thumb_up thumb_down
  • Windows Defender is the choice.   It is already there and well maintained.  Like others have said it has gotten much more powerful over the years.  Centralized management is nice, but you can be protected without it.

    Also... Take a good look at the built in Ransomware Protection in Windows Defender (Controlled Folder Access).   

    Spice (1) flagReport
    1 found this helpful thumb_up thumb_down
  • Let me guess.
    You work for Colonial Pipeline.
    Spice (5) flagReport
    Was this post helpful? thumb_up thumb_down
  • Stopped using free AV / cleaners years ago. Simply because they either are not truly free for all purposes, are crippleware or just don't do any good.

    We are talking security here. Would you trust a bodyguard that does his / her work for free? They probably are the first to duck when real danger arises. Treat software for protection the same. There are some good free firewall options that are open source and free. However, donating would be good and fit organizations that don't have much to spent.

    Spice (1) flagReport
    1 found this helpful thumb_up thumb_down
  • You can explore and experiment with ClamAV which is free and will install and can be run in Windows. You can command scans, etc. Big companies do use it although some people say it is not as good as the AVs you purchase. See:https://www.clamav.net/documents/installing-clamav-on-windows

    Was this post helpful? thumb_up thumb_down
  • Just remember you get what you pay for. Free sounds great but in the end the protection you are going to get is not going to be good. That's just the bottom line. The price of doing business and having to use computers is something that any and all companies have to accept. It's a dangerous place to cut corners, but one of the first that most companies do. It's like when you buy a car. If you don't maintain it your asking for trouble. If your life depends on it, you should take care of it. If you can afford to walk if it breaks down, then you take the risk. Same thing with computers, data, etc.. They need to ask themselves, can we survive without it? if not, proper maintenance is a must and you have to pay what you have to pay. Doesn't mean you buy the most expensive and the most expensive maintenance, but free or cheap and business is not a good mix. 

    IMO

    Was this post helpful? thumb_up thumb_down
  • molan wrote:

    jkalber wrote:

    AndrewWilson5454 wrote:

    Somewhat unrelated, but what's your email security strategy like? Are you blocking malicious senders and maybe even running phishing simulations campaigns? Don't forget about email security!

    For every phishing or spam email we receive - I add the senders domain to our spam filter policy. 

    That is a very labor intensive, losing game of whack a mole. I get why you do it, but it isn't providing effective protection to your systems and users

    O365 ECP has a lot of great filtering capablities. Would suggest doing a deep dive to understand what all of the settings do. Once you have your head wrapped around it start implementing! Roll out one change a week but not on a Monday unless you are a masochist. One of the fastest easiest is to block TLDs for countries your company does not transact with. Another easy one is blocking attachments of "type" ex: .js, .bat, .ps1, ps2. Also instead of delivering spam to the users spam folder, quarantine it on the server. 

    Most free real-time scanning is only for "home" versions of the software which is potentially a huge liability for you and the company. If the issue ever came up the company would throw you under the bus, "The IT guy installed it, we didn't know".

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • 2300peterw wrote:

    You can explore and experiment with ClamAV which is free and will install and can be run in Windows. You can command scans, etc. Big companies do use it although some people say it is not as good as the AVs you purchase. See:https://www.clamav.net/documents/installing-clamav-on-windows

    Hello,

    The last time I locked into it, ClamAV did not have any real-time scanning component.  Thus, it will not prevent an infected file from being run, just that the file is infected whenever you scan it (which could be some time after the file was run depending upon when scans are scheduled).  ClamAV is used by some enterprises, but more as part of a proxy/gateway scanning solution and not an endpoint one.  And also because of costs.  As always, caveat emptor.

    Regards,

    Aryeh Goretsky
    Spice (2) flagReport
    1 found this helpful thumb_up thumb_down
  • From a business stand point free really isn't ideal. I would suggest using Sophos for small business.

    For free AVG and Avast are good. Check out this list for comparison: https://www.trustedantiviruscompare.com/best-free-malware-removal?gclid=EAIaIQobChMI2PLA68Lq8AIVlajI...

    Was this post helpful? thumb_up thumb_down
  • Hey OP! I think securing funding for this kind of thing is a common challenge for small businesses and I can definitely understand what you're going through and why you're not able to consider anything that isn't free currently - Just wanted to provide this article from WatchGuard that has some tips for IT pros looking to secure a budget on security, just in case it has any useful advice for you in the future. Like the article states, it's no fun to have these conversations once a breach has already happened so it might be worth the time and effort to present a more detailed case to management for why free AV isn't enough for businesses if they want to protect their data these days. While they might be slow to budge, they definitely won't be able to say you didn't do your due diligence if they decide to go with free solutions. Wishing you luck! 

    Was this post helpful? thumb_up thumb_down
  • Years ago, Defender was technically not allowed for business use for except for small companies, and/or installation on up to 10 systems for evaluiation...

    Has this changed?

    They do have a paid Endpoint scheme...

    Some folks might be a tad quick to think the old HOme user addage  'Windows Security/Defender is free and reasonably good enough!!' also applies to business use...

    Hint: IT DOES NOT!

    Was this post helpful? thumb_up thumb_down
  • This isn't what you want to hear, but any BUSINESS should use a BUSINESS solution, ie, not free. I'm a big fan of Webroot. Fairly cost effective per seat. If your upper management doesn't see the benefit of protecting their network, you shouldn't band-aid it with free, because then it becomes permanent. 

    Also, nearly every free tool/software is free for home use only and is a licensing violation to use it in a business environment. 

    Spice (1) flagReport
    1 found this helpful thumb_up thumb_down
  • Also, I'd like to add that you need to get it in writing that you've suggested something not free to CYA when they get hit. Because you'll take the fall for it. 

    Spice (1) flagReport
    1 found this helpful thumb_up thumb_down
  • Hey dude, just don't rely on a free version, after all running a company requires tight security from threats and I am very dubious about the free versions.

    Was this post helpful? thumb_up thumb_down
  • Something additional to take note of on this - WatchGuard just released some new research that revealed traditional anti-malware solutions (and especially free ones) miss nearly 75% of threats. 

    If it's true that "you get what you pay for" on free solutions like this, I think what you're likely to 'get' when you rely on them is malware. 

    0 of 1 found this helpful thumb_up thumb_down

Read these next...

  • Snap! Reporting phishing in Teams, State of IT, Arc A770 graphics card, Optimus

    Snap! Reporting phishing in Teams, State of IT, Arc A770 graphics card, Optimus

    Spiceworks Originals

    Your daily dose of tech news, in brief. How is it already Monday? Actually, how is it already October 2022? It felt like SpiceWorld was just starting, and already it's over (for this year). But don't worry, the fun continues as this month is Cybers...

  • Can you run a print server on windows 10

    Can you run a print server on windows 10

    Windows

    I have many clients with no servers.  Looking for the best way to manage printers.If I share the printer then that machine that shares the printer needs to be online to print correct?   Having to always download the print driver and lookup the printers IP...

  • Lost of VDI rights on Windows 10 Enterprise E3

    Lost of VDI rights on Windows 10 Enterprise E3

    Software

    I am migration from standalone Windows 10 Enterprise E3 online subscription to Microsoft 365 E3 online subscription. However, I am seeing this in the terms.https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MOSADoes this mean I am losi...

  • Spark! Pro Series - 3rd October 2022

    Spark! Pro Series - 3rd October 2022

    Spiceworks Originals

    Welcome to Monday. I am currently sat at home in isolation, with my wife and I having succumbed to the dreaded Covid-19 after managing to avoid it for the last two and a half years! Still, it gives me the chance to indulge my fancy in yet another Spark! t...

  • What security best practices would you suggest?

    What security best practices would you suggest?

    Spiceworks

    It's Cybersecurity Awareness month, which if people took seriously, would likely be a great boon to all of ITkind. :)  The National Cybersecurity Alliance suggests some specific things that people can do to increase cybersecurity: Enabling multi-facto...