Products to compare
Voodooshield
OSarmour
Bitdefender
Re:Hips
Ransomoff
Compare
Proactive protection (Behavior blocker, HIPS, Sandbox)
Network protection (Firewall, Botnet protection)
Ransomware protection

kruts

Level 1
Sophos Home Premium does, in total 10 devices can be managed. Imo you are over-complicating with Sbie's, ReHIPS, etc. if you don't have knowledge in that area, it's not software for office. For over 10 devices you should better look at the Sophos Intercept X lineup. Do basics, mandatory is that every user should be under SUA, limit via group policy what they can access, disable unnecessary things, secure network, always have a backup remote managing soft installed like Teamviewer, educate users, etc. For 7 users it's a walk in the park. Invest time in productivity and manageability not paranoia.
Yes, I agree there is a certain amount of paranoia from me on this. Based mostly on my lack of knowledge. I think I'm narrowing down my options.
1. Voodooshield
2. Hitman pro alert
3. windows defender + configure defender
4. Whitelist ip address on router
5. Tighten firewall

My backup strategy is pretty solid, I use TeamViewer, I have trained the users pretty regularly.

Thanks for your reply
 

Umbra

Level 11
Verified
Windows 10 enterprise - users
windows 2016 server
so:

" I think I'm narrowing down my options"
1. Voodooshield ----> instead learn to use Windows 10 Ent. AppLocker and Software Restriction Policy, more efficient than any anti-exe.


2. Hitman pro alert ----> instead learn to use Windows 10 Exploit Guard, by default its protection is already enough.



3. windows defender + configure defender ----> I do the same.
4. Whitelist ip address on router
5. Tighten firewall ----> I block all outbound connections in Windows Firewall, allowing only needed programs on a case-by-case basis.

I will add:
6- train your employees.


I have Enterprise too on 2 machines, I set up the built-in security features offered by Windows, and I can tell you, it is so tight that even a legit installed software like Macrium can't install its update without my permission LOL.

Keep it simple and save money for the year end company party, your employees will appreciate it more than new security softs on their machines. ;)
 
From what I learned in my minor security for small to medium sized business:

1. Use less privileged user architecture (basic user closes down 80% of the problems) and Windows Defender ASR (closes down document-based threats) and Exploit Protection and enforce Windows SmartScreen (closes down web-based threats)
2. Use well known third party AV with focus on data leak control (so you prevent that your customer data base is copied and downloaded and closes down USB-based threats)
3. Use a hosting party with really good mail protection (to close down mail-based threats)
4. Use a cloud (data) partner with really backup/data protection (in case everything else fails)
5. Buy hardware which is strong enough to facilitate data encryption (and encrypt all your data in case hardware is stolen)

Of course @Umbra tips are valid, whitelisting (e.g. with AppLocker) is referred (in my minor) to as the golden standard, but in the Netherlands usually only applied for critical organizations (e.g. core banks, telecom and energy backbone companies, Schiphol airport, Rotterdam harbour, etc).
 

Umbra

Level 11
Verified
Point 1 to 4 are valid, point 2 is optional in Windows 10 Ent. Because you have WD (tweakable) and with Windows AppLocker/SRP, you can lock your employee computers and let them run only the required software for their job. Nothing else.
You don't have to do super-tight policies like bigger corporations, just allow installed apps.
WD + AppLocker + SRP is way more efficient than any 3rd party AV, no compatibility issues, and free. You will have blacklisting, whitelisting, and privilege restrictions all at the same time without surface attacks.
Of course, if you are more comfortable with a 3rd party software, it is all your choice.
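
The built-in controls recommended in this thread (standard user accounts, outbound-blocking firewall, AppLocker/SRP, Windows Defender with ASR, Exploit Protection) can be checked on each workstation with a read-only audit. The script below is an added example, not something posted by any participant; it assumes an elevated PowerShell session on Windows 10 Enterprise and changes no settings.

```powershell
# Added example: read-only audit of the Windows built-in controls named in this thread.
# Assumption: run elevated on Windows 10 Enterprise. Nothing here modifies configuration.

# 1. SUA: who is still a local administrator? (well-known SID avoids localized group names)
"== Local administrators =="
Get-LocalGroupMember -SID 'S-1-5-32-544' | Select-Object Name, PrincipalSource

# 2. Firewall: profiles should be enabled with DefaultOutboundAction = Block.
#    'NotConfigured' means the Windows default applies, which allows outbound traffic.
"== Firewall profiles =="
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction

"== Programs with an enabled outbound allow rule =="
Get-NetFirewallRule -Direction Outbound -Action Allow -Enabled True |
    Get-NetFirewallApplicationFilter |
    Where-Object { $_.Program -and $_.Program -ne 'Any' } |
    Select-Object -ExpandProperty Program -Unique | Sort-Object

# 3. AppLocker: rules are only enforced while the Application Identity service runs.
"== AppLocker =="
Get-Service -Name AppIDSvc | Select-Object Name, Status, StartType
(Get-AppLockerPolicy -Effective).RuleCollections | ForEach-Object {
    [pscustomobject]@{ Collection = $_.RuleCollectionType
                       Mode       = $_.EnforcementMode
                       Rules      = @($_).Count }
}

# 4. SRP: DefaultLevel 0 = Disallowed (whitelist mode), 0x40000 (262144) = Unrestricted.
"== Software Restriction Policy =="
$srp = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
if (Test-Path $srp) { Get-ItemProperty -Path $srp | Select-Object DefaultLevel, PolicyScope }
else                { 'No SRP policy key present' }

# 5. Windows Defender status and ASR rules (action 0 = off, 1 = block, 2 = audit, 6 = warn).
"== Windows Defender =="
Get-MpComputerStatus | Select-Object AntivirusEnabled, RealTimeProtectionEnabled, AntivirusSignatureLastUpdated
$pref = Get-MpPreference
$ids  = @($pref.AttackSurfaceReductionRules_Ids)
$acts = @($pref.AttackSurfaceReductionRules_Actions)
for ($i = 0; $i -lt $ids.Count; $i++) {
    [pscustomobject]@{ AsrRuleId = $ids[$i]; Action = $acts[$i] }
}

# 6. Exploit Protection: system-wide mitigation settings.
"== Exploit Protection (system) =="
Get-ProcessMitigation -System
```

An empty ASR list or an AppLocker collection in `AuditOnly` or `NotConfigured` mode means that control is not yet blocking anything on that machine.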