Small business – about 25 PC and 2 Mac’s. We have no formal tech support – it is bought in as and when we need, and two of us amateur geeks sort out minor issues and new machine set up. Machines are not monitored formally, we are just migrating to an Office365 based remote desktop from a different hosted desktop.
Currently use ESET Endpoint (6.0) across all.
I am being asked if we should renew ESET (renewal is up same day we migrate to 365 next week), or is on PC the Windows Defender is acceptable.

What says Singletrackworld?

Windows Defender is more than fine for the Windows PCs. (We run it at medium sized 200+ seat financial services firm)

Q: Why are you “mirgrating to an Office365 based remote desktop” – why not just access O365 on your local Windows PC?

Knowing of 2 very big international companies close to our industry that have been hit by ransomware this week, I would not want to skimp on protection for the extra £1k PA it may cost you. imo windows defender is not acceptable even at home.

I’m looking at BitDefender protection for work atm.

Running McAfee on our estate but then that’s about 200,000+ clients globally and you need the management features.

For smaller endeavours I’d see no downsides with the built in win-10 protections on desktops.

Your biggest cyber risk is probably your own employees doing stupid things, so make sure your mail infra is protected correctly and then get *all over* what access people require to what things – have managers review people’s access on a 6-monthly basis and revoke access when people have moved departments / change job role.

Windows Defender is fine for most SME use cases, there’s a paid version with some extra features to if you want to go a bit further. It really isn’t skimping on protection to use it.

As for other recommendations, we run McAfee on desktops and some servers and Symantec End Point Protection on other servers. I say recommendations but both are pretty painful to deploy and manage in-house and unless you need centralised policy and reporting functionality are overkill

You could also look at anti-malware tools (we run Fireye Endpoint Security) but bear in mind the more things that are scanning files the slower your PCs are going to run

From a protection perspective they’re much of a muchness:
https://www.av-test.org/en/antivirus/business-windows-client/

The fact it’s built in, turned on by default and is fire and forget wins for me over the hassle of managing another platform. (We’re Ex-MCAfee btw). As above, people and process, as well as technology are where you want to be looking.

If you’re using Azure AD then you can get decent reporting and notification on your Windows Defender and Security updates through that but sounds like overkill for you.

Not Kaspersky.

As said employees are your biggest risk. Use windows defender and invest the money saved in security awareness training for your staff.

I work for a small MSP and we have sold and supported lots of different antivirus packages but now sell and support Sophos. It really is one of the best at the moment, just make sure to go for the Sophos Intercept X Advanced version. Its not the cheapest but is a great tool to help defend against ransomware.

As said employees are your biggest risk

Make sure 2FA is turned on. Employees are the weakest link.

Sophos.

read this https://decentsecurity.com/

eSet is just fine.  I find it still works well and isn’t too resource hungry.   The reason for having any business package is really so you can centrally see if it is all still working and set up correctly and the eSet control panel seems just fine at that.

Q: Why are you “mirgrating to an Office365 based remote desktop” – why not just access O365 on your local Windows PC?

We will do – I’ve not ever used 365, certainly not for a shared business drive of resources, CRM etc. Training on Tuesday.

Cheers all – agree that staff are biggest risk.

You need to flip it on its head. Start from the point of view that if you can’t control your users, how do you protect your data? e.g. When you get ransomwared, how long will it take you to restore your business to a functioning state? If your customer database goes on a Russian holiday, will it be encrypted?

Antivirus/endpoint protection is just part of the picture, especially given the move to cloud.

That ^^

And this.

Use windows defender and invest the money saved in security awareness training for your staff.

Staff awareness and training will help but Windows Defender, keeping up to date with patches and not allowing anybody an admin account unless they are actually administrators will (probably!) see you right. And a robust and tested backup/restore strategy.

Windows Defender on PCs, decent firewall on the network, protection on the mail server (though 365 will do much of this for you), lock down the group security policies, assuming the PCs are on an AD.

Can get restrictive in what can be installed and run, or use mail services that pre filter and replace links and attachments as appropriate, though this can get annoying.

Educate on use of USB sticks or ban them.