Security setup for small office with old computers

Rangan Das

Apr 28, 2013
Got a small office with 6-7 year old computers (Quad Core AMD A8 processors, 4 GB RAM) running Windows 10, all connected to the internet via a central router. Most of these are for document/spreadsheet work and occasional internet browsing, Dreamweaver and Visual Studio and light graphics work in Illustrator and Photoshop.

I need a proper security suite that makes sure that these computers are safe and does not take a toll on the performance (note the processor). When I got my hands on these system, I found it infected with random Trojans and a couple of bitcoin miners. All were running Windows 10, fully updated and also with Defender running. I found the infections on running Hitman Pro. As Hitman Pro uses the BD and Kaspersky engine, I installed Kaspersky Anti Virus on two systems and found that it affected the startup speed moderately.

Since the people using these systems will not do much maintenance, I have to ensure a foolproof setup. Mostly, these malwares come from adware downloaded over the internet and infected flash drives. Even my flash drive got infected with one of those Autorun viruses. Once infected, the infection spreads over the network.

I was thinking of Windows Defender + Malwarebytes Anti Malware + Anti Exploit. How is that combination? I personally use Bitdefender, and I see that it uses a lot of memory. I really need to know which security suite is really light on system resources and offers moderate protection (at least better than what Defender is offering right now).

The good news is that all the deviecs are running on legit copies of WIndows 10 that are totally updated and patched. At present, the systems look stable, I removed whatever I could using Hitman Pro, did a repair upgrade on all the systems using the Windows 10 ISO image, did a disk cleanup and defragged the system drives.

Now, I need a suggestion.
Mar 30, 2015
Well, first of all, prevent network access to other machines on Windows 10. Even if a system is infected at least it won't spread between them. A good antivirus is essential, but there are a few more things you could do.
1. Regular reinstall/backup- This works better in Linux, but it amounts to this: Every month, week or other interval reinstall Windows 10, then clone over programs from a secure library of backups of said programs. Downsides: Can take some time and people might forget to save programs on aforesaid infected flash drives.
2. Use guest accounts- upside- downloaded adware not a problem but USB bugs still might be.
3. Migrate to Linux dual boot. With a solid Linux antivirus, and typical use on the Linux installation security probably won't be an issue at all. Infected flash drives? No problem! Though adware could be downloaded nothing would probably get installed since most only works on Windows especially since the Linux repositories are very good. Downsides: Harder to set up, a bit harder to run initially, isn't compatible with Photoshop (although plays very well with GIMP which is pretty good software) and Microsoft Office (sans 365 browser based). Also might baffle users especially if you use a radical GUI such as Unity or even GNOME these days.