People are out to get you. Your business, your users, your systems and your data all have value to someone. You could be targeted because you have something that someone specifically wants, or because attackers are hoping to find bank account details or email addresses to spam, or because they want your compute power for a …
Don't think Security Essentials is licensed for Enterprise use. Might want to correct that bit!
It is licensed if your Enterprise is 10 PCs or less :)
Quote from http://windows.microsoft.com/en-us/windows/security-essentials-download
Need security for your business?
Microsoft Security Essentials is available for small businesses with up to 10 PCs. If your business has more than 10 PCs, you can help protect them with Microsoft System Center 2012 Endpoint Protection.
"users happily clicking a link"
Education doesn't work here. Nothing happens. People roll their eyes and keep on sending out info.
What you do is forward a non-company-related domain internally to the security admins. Send an email to folks from that, asking for their sensitive info. People that do it get a quiet chat. People that do it twice get a reprimand or worse. Word gets around and people shape up.
You don't educate employees to not mail out passwords. Loss of half a paycheck convinces employees to not mail out passwords. Same as everyone else.
Re: "users happily clicking a link"
I know what you mean - but it's a heavy-handed approach and you need top-down support to do that. It depends how much value you put in your data, and the cost of getting rid of people vs the lost revenue from those people going.
Interesting article, paranoia may indeed be the best mindset for this digital era we find ourselves in.
I'm often surprised when the use of multi-scanning is not advocated in articles such as these; it's high time that the industry addressed the imperfections of AV engines across the board!
I would encourage you to read how companies such as OPSWAT are aggregating as many engines as possible to validate the integrity of endpoints.
I bet you tried to click on the title? No? Good. I deal with end users; a lot see the word FREE & tits/beer/money/trips and they click on it, and on, and on, deeper into the trap ....
My defenses are Backup, BackUP, BACKUP, to USB/NAS and my HOME PC, Media Centre/Game system have no internet connection, only local..... Only my laptops' network can hook to the net; luckily in Linux it's easy to offline-update other systems in the background, when & hopefully with what I choose after a download ...
Mostly, running a VM in Xubuntu from a live DVD is pretty easy. If a bug eats my VMSystem, I KILL the process ...
Laptops: mostly using a live DVD distro, a reboot is enough (or use another one while, or reboot in WIN7 if stupid). If it gets to the actual machine, then format and reinstall; all my docs or downloads on USB stick/drive are safe, maybe; if they are, then scanned, preened and polished, they make it to the home net & storage...