Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, and Egregor have made the headlines, displacing WannaCry, Cerber, CryptoWall, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- Secure RDP connections
- AntiVirus tools selection and configuration
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. A common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender. The most targeted attack vector is an improperly secured Remote Desktop Protocol (RDP) port. These are becoming more of a problem as businesses support more at-home workers.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Maze, and Sodinokibi are more elaborate and have caused more havoc. Even if your backup processes allow you to recover your ransomed files, you can still be threatened by exfiltration, where stolen data is made publc (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
Progent's ProSight Active Security Monitoring is an endpoint protection (EPP) solution that utilizes SentinelOne's cutting edge behavior machine learning tools to defend physical and virtual endpoints against modern malware assaults such as ransomware and file-less exploits, which routinely get by traditional signature-matching anti-virus tools. ProSight Active Security Monitoring protects local and cloud-based resources and provides a unified platform to automate the entire malware attack progression including protection, identification, containment, remediation, and forensics. Top features include one-click rollback with Windows Volume Shadow Copy Service and automatic network-wide immunization against new attacks. Progent is a SentinelOne Partner, dealer, and integrator. Read more about Progent's ProSight Active Security Monitoring endpoint protection and ransomware recovery.
- ProSight Enhanced Security Protection: Physical and Virtual Endpoint Protection and Exchange Email Filtering
Progent's ProSight Enhanced Security Protection (ESP) services offer ultra-affordable multi-layer protection for physical servers and virtual machines, workstations, mobile devices, and Microsoft Exchange. ProSight ESP uses adaptive security and advanced machine learning for continuously monitoring and reacting to security threats from all attack vectors. ProSight ESP provides two-way firewall protection, intrusion alerts, device control, and web filtering via cutting-edge technologies incorporated within a single agent managed from a unified control. Progent's data protection and virtualization consultants can help you to plan and implement a ProSight ESP environment that addresses your organization's specific needs and that allows you achieve and demonstrate compliance with legal and industry data protection standards. Progent will assist you define and configure policies that ProSight ESP will manage, and Progent will monitor your network and react to alerts that require immediate action. Progent can also assist you to install and verify a backup and disaster recovery system like ProSight Data Protection Services (DPS) so you can get back in business quickly from a potentially disastrous cyber attack like ransomware. Read more about Progent's ProSight Enhanced Security Protection unified endpoint security and Microsoft Exchange email filtering.
- ProSight Data Protection Services: Managed Backup and Disaster Recovery
ProSight Data Protection Services from Progent offer small and mid-sized businesses a low cost end-to-end service for reliable backup/disaster recovery (BDR). Available at a fixed monthly rate, ProSight DPS automates and monitors your backup processes and allows fast restoration of critical data, applications and virtual machines that have become lost or damaged as a result of component failures, software glitches, disasters, human mistakes, or malware attacks such as ransomware. ProSight DPS can help you protect, recover and restore files, folders, apps, system images, as well as Microsoft Hyper-V and VMware images/. Important data can be protected on the cloud, to a local device, or mirrored to both. Progent's cloud backup specialists can deliver advanced expertise to set up ProSight Data Protection Services to to comply with regulatory requirements such as HIPAA, FIRPA, and PCI and, when needed, can help you to restore your business-critical data. Find out more about ProSight DPS Managed Cloud Backup and Recovery.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering and email encryption service that incorporates the infrastructure of top information security vendors to deliver web-based control and comprehensive security for all your email traffic. The powerful architecture of Progent's Email Guard combines a Cloud Protection Layer with an on-premises security gateway appliance to offer complete protection against spam, viruses, Dos Attacks, Directory Harvest Attacks (DHAs), and other email-based threats. The Cloud Protection Layer serves as a first line of defense and keeps most unwanted email from making it to your network firewall. This reduces your vulnerability to inbound attacks and conserves network bandwidth and storage. Email Guard's on-premises gateway appliance adds a further level of inspection for incoming email. For outbound email, the onsite gateway provides anti-virus and anti-spam filtering, protection against data leaks, and email encryption. The local gateway can also assist Exchange Server to monitor and safeguard internal email traffic that stays within your security perimeter. For more details, see Email Guard spam filtering and data leakage protection.
- ProSight WAN Watch: Infrastructure Management
Progent's ProSight WAN Watch is a network infrastructure monitoring and management service that makes it simple and inexpensive for small and mid-sized organizations to diagram, track, optimize and troubleshoot their networking appliances such as routers and switches, firewalls, and load balancers as well as servers, printers, endpoints and other devices. Incorporating cutting-edge Remote Monitoring and Management (RMM) technology, ProSight WAN Watch makes sure that network diagrams are kept updated, captures and displays the configuration of almost all devices connected to your network, tracks performance, and generates notices when potential issues are discovered. By automating tedious network management activities, WAN Watch can cut hours off ordinary tasks like network mapping, expanding your network, finding appliances that need important updates, or isolating performance issues. Learn more about ProSight WAN Watch infrastructure management consulting.
- ProSight LAN Watch: Server and Desktop Monitoring and Management
ProSight LAN Watch is Progent's server and desktop monitoring service that incorporates advanced remote monitoring and management techniques to keep your IT system running at peak levels by checking the state of critical assets that power your business network. When ProSight LAN Watch uncovers an issue, an alarm is sent automatically to your specified IT personnel and your assigned Progent engineering consultant so that all looming problems can be resolved before they have a chance to disrupt productivity. Find out more about ProSight LAN Watch server and desktop monitoring services.
- ProSight Virtual Hosting: Hosted Virtual Machines at Progent's Tier III Data Center
With Progent's ProSight Virtual Hosting service, a small organization can have its key servers and apps hosted in a secure fault tolerant data center on a fast virtual machine host set up and managed by Progent's network support experts. Under Progent's ProSight Virtual Hosting model, the customer owns the data, the OS platforms, and the apps. Because the environment is virtualized, it can be moved easily to a different hosting solution without a time-consuming and technically risky reinstallation procedure. With ProSight Virtual Hosting, you are not locked into one hosting service. Learn more details about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that allows you to capture, update, retrieve and protect data related to your IT infrastructure, processes, applications, and services. You can quickly find passwords or serial numbers and be warned automatically about impending expirations of SSL certificates or warranties. By cleaning up and managing your IT infrastructure documentation, you can eliminate as much as 50% of time thrown away trying to find vital information about your IT network. ProSight IT Asset Management features a common location for holding and sharing all documents related to managing your network infrastructure such as recommended procedures and self-service instructions. ProSight IT Asset Management also offers advanced automation for collecting and relating IT data. Whether you're planning improvements, doing maintenance, or responding to an emergency, ProSight IT Asset Management gets you the data you need the instant you need it. Learn more about Progent's ProSight IT Asset Management service.
- Active Defense Against Ransomware: Machine Learning-based Ransomware Identification and Remediation
Progent's Active Protection Against Ransomware is an endpoint protection service that incorporates next generation behavior-based analysis tools to defend endpoint devices and servers and VMs against new malware assaults like ransomware and file-less exploits, which easily evade traditional signature-matching AV tools. Progent Active Security Monitoring services protect local and cloud-based resources and offers a unified platform to automate the complete threat lifecycle including protection, infiltration detection, mitigation, cleanup, and forensics. Key features include single-click rollback using Windows Volume Shadow Copy Service and real-time network-wide immunization against newly discovered threats. Read more about Progent's ransomware defense and cleanup services.
- Progent's Outsourced/Shared Help Center: Call Center Managed Services
Progent's Call Center services permit your information technology staff to offload Call Center services to Progent or divide activity for Service Desk support transparently between your in-house support team and Progent's extensive pool of certified IT service engineers and subject matter experts (SMEs). Progent's Shared Service Desk provides a smooth supplement to your corporate IT support staff. Client interaction with the Service Desk, provision of technical assistance, problem escalation, trouble ticket generation and updates, efficiency metrics, and management of the service database are consistent regardless of whether incidents are taken care of by your in-house support resources, by Progent's team, or both. Read more about Progent's outsourced/shared Call Center services.
- Patch Management: Patch Management Services
Progent's support services for patch management provide organizations of any size a versatile and cost-effective solution for evaluating, validating, scheduling, applying, and documenting updates to your ever-evolving IT system. Besides optimizing the protection and reliability of your IT environment, Progent's software/firmware update management services free up time for your in-house IT team to concentrate on more strategic initiatives and activities that deliver the highest business value from your network. Read more about Progent's patch management support services.
To view a white paper explaining why managed services are rapidly replacing the old break/fix model of network support outsourcing for small and mid-size businesses, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits are a quick and low-cost way for small and mid-size businesses to get an objective evaluation of the overall health of their network. Based on some of the top remote monitoring and management tools in the industry, and supervised by Progent's certified team of IT experts, ProSight Network Audits show you how well the deployment of your core network devices conform to best practices. The Basic and Advanced options for ProSight Network Audit services are offered at a low, one-time cost and deliver immediate benefits such as a more manageable Active Directory (AD) environment. Both versions also come with one year of state-of-the-art remote network monitoring and management (RMM). Advantages can include lower-cost network management, better compliance with information security regulations, more efficient utilization of network resources, faster problem resolution, more dependable backup and recovery, and less downtime. See more about Progent's ProSight Network Audits IT infrastructure assessment.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.