Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Hermes, and MongoLock have made the headlines, displacing WannaCry, Locky, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progentís Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- AntiVirus and configuration
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. The most common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Hermes, and MongoLock are more elaborate and have caused more havoc. Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
ProSight Active Security Monitoring (ASM) is an endpoint protection service that utilizes cutting edge behavior-based analysis technology to guard physical and virtual endpoint devices against modern malware attacks such as ransomware and email phishing, which easily evade traditional signature-based anti-virus tools. ProSight Active Security Monitoring safeguards on-premises and cloud-based resources and offers a unified platform to manage the complete malware attack lifecycle including filtering, identification, containment, remediation, and post-attack forensics. Key capabilities include one-click rollback using Windows Volume Shadow Copy Service (VSS) and automatic network-wide immunization against new threats. Read more about Progent's ProSight Active Security Monitoring next-generation endpoint protection and ransomware recovery.
- ProSight Enhanced Security Protection: Physical and Virtual Endpoint Protection and Microsoft Exchange Email Filtering
Progent's ProSight Enhanced Security Protection services offer affordable multi-layer security for physical servers and VMs, workstations, smartphones, and Microsoft Exchange. ProSight ESP uses contextual security and modern behavior analysis for round-the-clock monitoring and responding to cyber assaults from all vectors. ProSight ESP provides firewall protection, intrusion alarms, device control, and web filtering via cutting-edge tools packaged within one agent managed from a unified control. Progent's security and virtualization consultants can help you to design and configure a ProSight ESP deployment that addresses your organization's unique requirements and that helps you prove compliance with legal and industry information security standards. Progent will assist you define and implement policies that ProSight ESP will manage, and Progent will monitor your network and respond to alerts that call for immediate action. Progent can also help your company to install and verify a backup and restore solution like ProSight Data Protection Services so you can recover rapidly from a destructive cyber attack like ransomware. Find out more about Progent's ProSight Enhanced Security Protection (ESP) unified endpoint protection and Microsoft Exchange filtering.
- ProSight Data Protection Services: Managed Backup and Recovery
ProSight Data Protection Services offer small and medium-sized organizations an affordable end-to-end service for secure backup/disaster recovery (BDR). For a low monthly price, ProSight DPS automates your backup processes and enables rapid restoration of vital files, applications and VMs that have become lost or corrupted due to hardware failures, software glitches, natural disasters, human mistakes, or malicious attacks such as ransomware. ProSight DPS can help you back up, recover and restore files, folders, applications, system images, plus Hyper-V and VMware images/. Critical data can be backed up on the cloud, to a local storage device, or to both. Progent's cloud backup consultants can deliver world-class support to configure ProSight Data Protection Services to to comply with government and industry regulatory requirements such as HIPPA, FIRPA, PCI and Safe Harbor and, whenever needed, can assist you to restore your business-critical information. Read more about ProSight Data Protection Services Managed Backup and Recovery.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering service that uses the technology of top data security companies to deliver web-based management and world-class security for all your email traffic. The hybrid architecture of Progent's Email Guard managed service combines cloud-based filtering with a local gateway device to provide complete defense against spam, viruses, Denial of Service Attacks, Directory Harvest Attacks, and other email-borne malware. The cloud filter acts as a first line of defense and keeps the vast majority of unwanted email from reaching your security perimeter. This decreases your vulnerability to inbound attacks and saves network bandwidth and storage. Email Guard's onsite security gateway appliance adds a further level of analysis for inbound email. For outbound email, the on-premises security gateway provides AV and anti-spam protection, policy-based Data Loss Prevention, and email encryption. The local gateway can also assist Microsoft Exchange Server to monitor and safeguard internal email traffic that stays inside your security perimeter. For more information, see ProSight Email Guard spam filtering and data leakage protection.
- ProSight WAN Watch: Infrastructure Management
ProSight WAN Watch is an infrastructure management service that makes it easy and affordable for smaller organizations to map out, monitor, optimize and troubleshoot their networking hardware like routers and switches, firewalls, and wireless controllers plus servers, printers, endpoints and other devices. Using cutting-edge RMM technology, WAN Watch ensures that network maps are always current, copies and manages the configuration information of almost all devices connected to your network, monitors performance, and sends notices when potential issues are detected. By automating complex management activities, ProSight WAN Watch can knock hours off ordinary chores such as making network diagrams, expanding your network, locating devices that require important updates, or resolving performance bottlenecks. Find out more details about ProSight WAN Watch infrastructure monitoring and management services.
- ProSight LAN Watch: Server and Desktop Remote Monitoring
ProSight LAN Watch is Progentís server and desktop monitoring managed service that uses state-of-the-art remote monitoring and management technology to keep your IT system operating at peak levels by tracking the health of vital computers that drive your information system. When ProSight LAN Watch uncovers a problem, an alert is transmitted immediately to your designated IT staff and your assigned Progent consultant so that all potential problems can be addressed before they have a chance to disrupt your network. Find out more about ProSight LAN Watch server and desktop remote monitoring consulting.
- ProSight Virtual Hosting: Hosted Virtual Machines at Progent's World-class Data Center
With ProSight Virtual Hosting service, a small or mid-size business can have its critical servers and applications hosted in a secure fault tolerant data center on a fast virtual machine host set up and managed by Progent's IT support experts. Under the ProSight Virtual Hosting service model, the client owns the data, the OS platforms, and the applications. Since the environment is virtualized, it can be moved easily to an alternate hardware solution without a lengthy and technically risky configuration process. With ProSight Virtual Hosting, you are not locked into one hosting provider. Find out more about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is a cloud-based IT documentation management service that allows you to create, maintain, find and safeguard data about your IT infrastructure, procedures, applications, and services. You can instantly locate passwords or serial numbers and be alerted about upcoming expirations of SSLs or warranties. By updating and organizing your IT documentation, you can eliminate up to half of time wasted searching for critical information about your network. ProSight IT Asset Management includes a centralized repository for holding and sharing all documents related to managing your network infrastructure like recommended procedures and How-To's. ProSight IT Asset Management also offers advanced automation for collecting and relating IT data. Whether youíre planning improvements, performing maintenance, or responding to a crisis, ProSight IT Asset Management gets you the data you require when you need it. Learn more about ProSight IT Asset Management service.
To view a white paper describing why managed services are rapidly takingthe place of the old break/fix model of IT support for small and mid-size organizations, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits are a fast and low-cost alternative for small and medium-size organizations to obtain an unbiased evaluation of the overall health of their IT system. Powered by some of the top remote monitoring and management platforms available, and supervised by Progent's certified group of information technology experts, ProSight Network Audits show you how closely the configuration of your essential infrastructure assets conform to best practices. The Basic and Advanced options for ProSight Network Audit services are available at a low, one-time cost and provide immediate benefits like a cleaner Active Directory system. Both also include a year of advanced remote network monitoring and management (RMM). Advantages can include simpler management, improved compliance with information security requirements, higher utilization of IT assets, quicker troubleshooting, more reliable backup and restore, and less downtime. Read more about Progent's ProSight Network Audits IT infrastructure assessment.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.