PC protection for Non- profit organisations?

Hi everyone, I decided to open this topic because I think this forum is the best place to turn to with my problem.

I work as a volunteer in a non-profit humanitarian organisation that offers help and support for people with health and social problems. Because it is a non profit organisation it only gets all their resources from donations from sponsors and similar.

I am hoping someone could give me some advice, because we are in need of some kind of antivirus/antispyware solution, that is free, doesn't need any decision making from the user (many people that use our computers barely know how to surf the internet much less anything else), and is low on system resources (the computers in the organisation are a bit older, running WIN XP or 2000 and were all donated).

AVG, Avast, Antivir and similar are free only for private use and as far as I know offer 50% off to non-profits and charitable organizations at best, but I am wondering if anyone knows of a good free antivirus/antispyware solution for non-profits. I know there is also ClamWin and Comodo antivirus, but according to certain AV comparisons they both have bad detection rates. Comodo hips for example is also too demanding for a totally novice computer user (witch most of them are)..

At the moment these computers are without any AV/AS sollution and infested with viruses and spyware so they barely work. I took on the task of cleaning them, but don't really know how to keep them clean and working since I am limited by what can be legally installed on them. Hope someone can help.

Thanks in advance!

 

LUA definitely.

SRP if the computers are only dedicated to precise functions:
- internet
- office
...

With this policy (don't forget to give full ownershipof program files and windows directory), not only you make sure the computers will be used for what they are supposed to be, but you also ensure virus should stay away...

About antivirus, there is no good one I am aware of which could be free in your case.

This link could help:
https://www.wilderssecurity.com/showthread.php?t=256561

 

Windows Steady State is a free virtualization program that will work with the
XP running computers.
In an environment like you described,there is a lot about virtualization that is attractive.
(once you have all of them verified malware free.)

Bless you for your work on behalf of the disadvantaged.

 

Lucy is giving you some great advice. LUA and SRP would work great in your situation in XP. With the Win 2000 machine I'm afraid you're out of luck (maybe someone with more Win 2000 experience might chime in). To utilize SRP you could use Sully's Pretty Good Security application to achieve it (Sully makes it easy). Search this section for info on Limited User Accounts (LUA), Pretty Good Security, and Software Restriction Policy (SRP).

I second that sentiment. Good hearted folks are really hard to find and are to be appreciated when you find one. .

Later...

 

COMODO Antivirus is freeware to all, but I stopped using it a few months ago because of too many false positives.

F-Prot is not free but it is relatively inexpensive. I think that they "may" give an additional discount to non-profit organizations. Send them an E-Mail and ask for a discount.

http://www.f-prot.com/

 

Without focusing on the specific AV's mentioned...., the suggestions involving either LUA/SRP or Windows SteadyState are probably the best from the perspective of providing a robust maintenance free solution that doesn't depend on appropriate user input for what are nominally public use PC's.

It's important to recall that slapping virtually any AV on these machines really doesn't solve the underlying problem if users are either ill-equipped or choose to ignore the AV program alerts. Limiting the potential and scope that any user can compromise these machines (which is possible with either of the other solutions) is a decidedly more robust scheme.

Blue

 

sammyJack and Blue are certainly right.

if the main use of these computer is not production (doesn't require saving files on the computer) but rather consulting, surfing the web, saving data on usb keys... the best is virtualisation,ie., steadystate.

 

As others have said, in your case, the best policy is not to bet all on anti-virus products and such. Instead, you need to limit what the users can do to mess up the system. This means you have pretty much two options:

1) You can stay with Windows and move to using limited user accounts. If available, you can also use software restriction policies. And you can add things like Windows SteadyState also, but just remember that even with SteadyState you should use limited user accounts. Keep the operating system and applications up to date, and with this kind of setup you should have very little malware issues, if any.

2) You could move to Linux. If your users only need to be able to do things like browsing, email and office software, and don't need to install software of their own, then Linux would be a very good choice even for a user who is completely unfamiliar with computers, Windows or Linux. Linux distributions like Ubuntu 9.10 are free to use for everyone, including business organizations. Just about all malware out there currently is made for Windows, and will not work in Linux. Even the most incompetent user has little to worry about malware in Linux currently, and I see no reason why this would dramatically change any time soon.

 

Thank you all very much for your suggestions!

Lucy, thank you very much for the suggestion but like Trespasser (thank you as well) pointed out - LUA & SRP will be useful only for the computers running win XP. More than half of the computers are running Win 2000 so it solves half of the problem I guess..

I am also interested in SammyJack's suggestion (thank you) about Windows Steady State & Pretty Good Security, but the problem is it both seems to be only for Windows XP (and Windows Vista) as well, so again I guess it would solve only half of the problem..

TheKid7, I have to agree with BlueZannetti on this one, but I thank you for the suggestion. Anyway if I chose one AV out of the ones I know are freeware, it would be COMODO or Spyware Terminator (with integrated ClamAV), but I'm afraid it wouldn't be effective enough, since their detection rates are low(er) and the HIPS & firewall in CIS would be overload in all aspects. Also these computes are older so a solution that is easy as possible on RAM and CPU would definitely be the way to go.

Windchild, Linux would solve all our problems when it comes to malware, I agree, but the problem is I was told our users are supposed to be learning the basics of using computers on these machines and most computers as we know are running Windows, so basically we couldn't teach them how to use ''typical computers'' with Linux. At least that is what I was told when I starded as a volunteer and noticed this problem and gave this suggestion myself. I suspect it also has much to do with the fact that their employed in charge of computer maintanance is a bit older and hasn't got much/any experience with using Linux (I believe)...

I forgot to mention in my first post that the these computers are used mostly for surfing on the internet, but also to teach people how to use computers in general. It might sound wierd to some of us, but there are many older people with no experince in computing and also people that never had the money or chance to use one. Sorry for forgeting to mention this.

Anyway I see now there is a very limited amount of solutions. I think it's sad that big PC security companys don't care about non-profit humanitarian organisation, they at best give you some discount, it's like they don't know that such organisations have very limited resources and what they do have should be used to help people and not for virus and spyware protection...

BTW. Does anyone know about COMODO Time Machine BETA? Is it stable enough and can it be used on win 2000?? I wish the final release would come soon, this comodo product is the only thing I know of, that could solve more or less all our problems. I think.

Again thank you all for the suggestions and support and sorry for not using qutations when replying to your posts. If anyone has any other ideas than the ones mentioned up untill now, I am open for suggestions.

 

Hi Mors_Victrix!

I am pretty sure Comodo Time Machine only works on Windows XP and higher.

There is a setting for the full Comodo Internet security,that is simple default deny,and gives no pop-ups for users at all.


You can find it at
:http://forums.comodo.com/feedbackco...e_max_security_with_zero_alerts-t44371.0.html

As far as resource usage,the Comodoian Hoard, claim the whole suite is light.

Maybe a mixture of solutions for the different operating systems will be needed.
On fairly static installs,this should not be the administrative nightmare it would be in a more fluid environment.

One pseudo-solution would be just to crank the Windows Internet Options Security setting up to max.
This will stop downloading of Execs,and still allow surfing.

keep the faith.

 

Well this is very good news! So all I need to do is clean the computers from malware and properly install and configure CIS. Great! Thank you very much for the info and the link SammyJack!

Does anyone know if Superantispyware & Malwarebytes' Anti-Malware free scanners are also free for non-profit organisations and if I could use them for cleaning the computers and maybe later for backup scanners from time to time (just in case)? I think Malwarebytes' Anti-Malware is but I am not so sure about Superantispyware. The same question goes for Trend Micro Housecall (only online scanner I know to offer cleaning or deleting of infected files) or BitDefender free edition for backup AV scanning.

But I am not sure if installing a backup AV & AS sollution would even be needed after I clean the computers and use SammyJack's adwice.

Thank you all very much for your help!