One counterexample to your point is worth mentioning: Startups driven by ex-academics. There are case studies of successful ventures where researchers came out of the university and into the private sector to apply research to commercial problems. They are niche, but perhaps that's how you could clarify your assertion - by also mentioned niche solutions based on solid research.
With twenty machines, I'm going to go out on a limb and say don't! You have a large enough user base that you should use a hard disk image backup system, yet a small enough base that the infections would be manageable. Since your primary server isn't windows you may want to set up your network so each user workstation cannot connect to the others, then let them be on their way. The CPU usage of constant disk scanning is a drag on the user's machine. Weighed 20 of them versus the time for you to recreate an image of a particular users disk then swap them out. Besides, if one particular user is a problem it will play out as negative reinforcement for whatever they are doing to get infected.
My reasoning is that users often disable the scan anyway, so you would be trying to combat that behavior by tweaking the application/system security policies. Don't waste your time, if they get infected waste theirs. They won't do it again....
If A = B and B = C, then A = C, except where void or prohibited by law. -- Roy Santoro