I am responsible for the computers of a very small business (think family business small). As we know support for windows 10 devices will end on 10.2025. Due to some technical and software reasons the computers will have to stay on windows 10 for about a year after support ends.
Paying for extended updates is not an option since the computers are being used without microsoft accounts (for privacy reasons).
I have hardened them as much as i can for security and privacy. My plan is after support ends to incorporate a few additional security measures to mitigate as much as possible the lack of updates:
- Using 0-patch (free version unfortunately)
- Using controld malware DNS on the router level (right now it is set to adblock)
- Removing non-critical software
- Antivirus - now this is the part i need help with.
Right now the computers run Windows defender, but since support will end probably will be a good idea to install something like Bitdefender to keep the pc secure. The problem i see is that Bitdefender or any other 3d party AV will collect and sell data to data brokers. I have tried to read Bitdefender privacy policy but it is very confusing. I do not want some company files to be uploaded and the data sold.
One option is to not install any 3d party AV and do manual scans with emisoft emergency kit which does not collect and sell any data, but the scan is post factum. If there was malware it would have already done its damage.
What do you think? Is it better to install a 3d party AV for better security but compromising the privacy (the pc hold banking and company stuff so…)