Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Hermes, and MongoLock have made the headlines, displacing WannaCry, Locky, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progentís Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- AntiVirus and configuration
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. The most common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Hermes, and MongoLock are more elaborate and have caused more havoc. Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
Progent's ProSight Active Security Monitoring is an endpoint protection solution that utilizes next generation behavior-based analysis technology to guard physical and virtual endpoint devices against new malware attacks like ransomware and file-less exploits, which easily evade traditional signature-matching anti-virus products. ProSight ASM protects local and cloud-based resources and offers a unified platform to manage the complete threat lifecycle including protection, identification, mitigation, cleanup, and post-attack forensics. Top features include single-click rollback with Windows Volume Shadow Copy Service (VSS) and real-time system-wide immunization against newly discovered threats. Read more about Progent's ProSight Active Security Monitoring next-generation endpoint protection and ransomware defense.
- ProSight Enhanced Security Protection: Endpoint Protection and Microsoft Exchange Email Filtering
ProSight Enhanced Security Protection (ESP) services deliver economical multi-layer security for physical and virtual servers, workstations, mobile devices, and Exchange Server. ProSight ESP utilizes adaptive security and advanced machine learning for round-the-clock monitoring and responding to cyber threats from all vectors. ProSight ESP provides two-way firewall protection, intrusion alarms, endpoint control, and web filtering via cutting-edge technologies packaged within a single agent managed from a single control. Progent's security and virtualization experts can assist you to plan and configure a ProSight ESP deployment that meets your organization's unique needs and that allows you demonstrate compliance with government and industry data security regulations. Progent will help you specify and implement policies that ProSight ESP will manage, and Progent will monitor your IT environment and react to alerts that call for urgent attention. Progent can also assist you to set up and test a backup and disaster recovery system like ProSight Data Protection Services so you can get back in business rapidly from a potentially disastrous security attack like ransomware. Read more about Progent's ProSight Enhanced Security Protection unified endpoint security and Microsoft Exchange filtering.
- ProSight Data Protection Services: Managed Backup and Disaster Recovery
ProSight Data Protection Services from Progent provide small and medium-sized businesses a low cost and fully managed service for reliable backup/disaster recovery (BDR). Available at a fixed monthly rate, ProSight Data Protection Services automates your backup processes and enables rapid recovery of vital data, applications and virtual machines that have become lost or corrupted due to hardware breakdowns, software bugs, disasters, human error, or malware attacks such as ransomware. ProSight DPS can help you back up, retrieve and restore files, folders, applications, system images, plus Microsoft Hyper-V and VMware images/. Critical data can be backed up on the cloud, to a local device, or mirrored to both. Progent's backup and recovery specialists can deliver advanced support to configure ProSight DPS to to comply with regulatory requirements like HIPPA, FINRA, and PCI and, whenever necessary, can assist you to recover your critical information. Read more about ProSight DPS Managed Cloud Backup and Recovery.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering service that incorporates the technology of top information security vendors to deliver web-based management and world-class protection for all your inbound and outbound email. The powerful structure of Email Guard managed service combines cloud-based filtering with an on-premises gateway device to offer complete defense against spam, viruses, Denial of Service Attacks, Directory Harvest Attacks (DHAs), and other email-borne malware. The Cloud Protection Layer acts as a first line of defense and keeps the vast majority of threats from reaching your security perimeter. This reduces your vulnerability to inbound attacks and conserves system bandwidth and storage space. Email Guard's on-premises gateway appliance provides a deeper layer of inspection for inbound email. For outbound email, the onsite security gateway provides anti-virus and anti-spam protection, protection against data leaks, and email encryption. The onsite gateway can also assist Microsoft Exchange Server to monitor and safeguard internal email traffic that originates and ends within your corporate firewall. For more information, see ProSight Email Guard spam filtering and data leakage protection.
- ProSight WAN Watch: Infrastructure Management
ProSight WAN Watch is a network infrastructure management service that makes it simple and inexpensive for small and mid-sized organizations to map out, monitor, optimize and troubleshoot their networking hardware such as routers, firewalls, and access points plus servers, printers, endpoints and other networked devices. Incorporating state-of-the-art Remote Monitoring and Management (RMM) technology, ProSight WAN Watch ensures that network diagrams are always current, copies and displays the configuration information of virtually all devices connected to your network, monitors performance, and sends alerts when potential issues are detected. By automating time-consuming management processes, ProSight WAN Watch can cut hours off common chores such as network mapping, expanding your network, locating appliances that need important updates, or isolating performance problems. Find out more about ProSight WAN Watch network infrastructure management services.
- ProSight LAN Watch: Server and Desktop Monitoring
ProSight LAN Watch is Progentís server and desktop remote monitoring managed service that uses state-of-the-art remote monitoring and management technology to help keep your IT system operating at peak levels by checking the health of critical computers that drive your information system. When ProSight LAN Watch uncovers an issue, an alert is sent automatically to your designated IT management personnel and your assigned Progent consultant so all potential issues can be addressed before they can disrupt your network. Learn more details about ProSight LAN Watch server and desktop remote monitoring services.
- ProSight Virtual Hosting: Hosted Virtual Machines at Progent's Tier III Data Center
With ProSight Virtual Hosting service, a small business can have its critical servers and applications hosted in a secure fault tolerant data center on a fast virtual host set up and managed by Progent's IT support experts. With the ProSight Virtual Hosting service model, the customer owns the data, the operating system platforms, and the apps. Since the system is virtualized, it can be ported easily to an alternate hardware environment without requiring a time-consuming and technically risky reinstallation procedure. With ProSight Virtual Hosting, you are not locked into one hosting provider. Find out more details about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that allows you to capture, update, find and protect information related to your IT infrastructure, processes, business apps, and services. You can quickly locate passwords or IP addresses and be warned about impending expirations of SSLs or warranties. By cleaning up and organizing your IT infrastructure documentation, you can save up to half of time thrown away searching for critical information about your IT network. ProSight IT Asset Management features a centralized location for storing and sharing all documents required for managing your business network like standard operating procedures (SOPs) and self-service instructions. ProSight IT Asset Management also supports a high level of automation for collecting and associating IT data. Whether youíre making enhancements, doing regular maintenance, or reacting to a crisis, ProSight IT Asset Management gets you the data you require the instant you need it. Learn more about ProSight IT Asset Management service.
To view a white paper describing why managed services are quickly takingthe place of the old break/fix model of network support for small and mid-size companies, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits offer a fast and low-cost way for small and medium-size organizations to obtain an unbiased evaluation of the overall health of their network. Based on some of the leading remote monitoring and management tools in the industry, and overseen by Progent's certified team of IT professionals, ProSight Network Audits help you see how well the deployment of your essential infrastructure assets adhere to leading practices. Both the Basic and Advanced versions of ProSight Network Audit services are available at a low, one-time cost and deliver immediate ROI such as a cleaner Active Directory (AD) system. Both also come with one year of advanced remote network monitoring and management (RMM). Benefits can include simpler network management, better compliance with information security requirements, more efficient utilization of IT resources, faster problem resolution, more dependable backup and restore, and higher availability. See more about Progent's ProSight Network Audits network infrastructure review.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.