Remote Network Management for Small and Midsize Businesses

Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, and Egregor have made the headlines, displacing WannaCry, Cerber, CryptoWall, and NotPetya in notoriety, elaborateness, and destructive impact.

90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.

Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.

Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:

Security

• Correct use of administration accounts
• Correct NTFS and SMB permissions
• Optimal firewall settings
• Secure RDP connections
• AntiVirus tools selection and configuration

• Split permission model for backup protection
• Backing up required servers (AD)
• Offsite backups including cloud backup to Azure

About Ransomware
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. A common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender. The most targeted attack vector is an improperly secured Remote Desktop Protocol (RDP) port. These are becoming more of a problem as businesses support more at-home workers.

CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Maze, and Sodinokibi are more elaborate and have caused more havoc. Even if your backup processes allow you to recover your ransomed files, you can still be threatened by exfiltration, where stolen data is made publc (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.

ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.

• ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
  ProSight Active Security Monitoring is an endpoint protection (EPP) service that utilizes next generation behavior analysis tools to defend physical and virtual endpoints against new malware attacks such as ransomware and email phishing, which easily evade traditional signature-matching anti-virus tools. ProSight Active Security Monitoring protects on-premises and cloud resources and offers a unified platform to address the entire malware attack progression including blocking, detection, containment, remediation, and forensics. Top capabilities include single-click rollback using Windows Volume Shadow Copy Service (VSS) and automatic network-wide immunization against new attacks. Read more about Progent's ProSight Active Security Monitoring (ASM) next-generation endpoint protection and ransomware recovery.

• ProSight Enhanced Security Protection (ESP): Physical and Virtual Endpoint Security and Microsoft Exchange Filtering
  ProSight Enhanced Security Protection services offer ultra-affordable in-depth security for physical and virtual servers, workstations, mobile devices, and Microsoft Exchange. ProSight ESP utilizes adaptive security and advanced machine learning for continuously monitoring and reacting to security threats from all vectors. ProSight ESP offers two-way firewall protection, penetration alerts, endpoint management, and web filtering through leading-edge technologies incorporated within a single agent accessible from a unified console. Progent's security and virtualization experts can help your business to plan and implement a ProSight ESP environment that meets your company's specific needs and that helps you achieve and demonstrate compliance with legal and industry data protection standards. Progent will assist you specify and configure policies that ProSight ESP will enforce, and Progent will monitor your network and respond to alarms that call for immediate attention. Progent can also assist you to set up and test a backup and restore solution such as ProSight Data Protection Services (DPS) so you can recover rapidly from a destructive cyber attack such as ransomware. Read more about Progent's ProSight Enhanced Security Protection (ESP) unified physical and virtual endpoint protection and Microsoft Exchange email filtering.

• ProSight Data Protection Services: Managed Backup and Recovery
  ProSight Data Protection Services provide small and mid-sized organizations an affordable end-to-end service for secure backup/disaster recovery. Available at a low monthly cost, ProSight Data Protection Services automates and monitors your backup processes and enables rapid restoration of vital data, applications and virtual machines that have become lost or corrupted due to hardware breakdowns, software glitches, disasters, human error, or malware attacks such as ransomware. ProSight Data Protection Services can help you protect, recover and restore files, folders, apps, system images, plus Microsoft Hyper-V and VMware images/. Critical data can be protected on the cloud, to an on-promises device, or to both. Progent's cloud backup consultants can provide advanced expertise to configure ProSight Data Protection Services to to comply with regulatory standards like HIPAA, FINRA, and PCI and, whenever necessary, can help you to restore your critical information. Learn more about ProSight Data Protection Services Managed Cloud Backup.

• ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
  ProSight Email Guard is Progent's spam filtering and email encryption service that incorporates the technology of leading information security vendors to provide centralized management and world-class protection for all your email traffic. The powerful architecture of Email Guard managed service combines cloud-based filtering with a local security gateway device to offer advanced defense against spam, viruses, Denial of Service (DoS) Attacks, DHAs, and other email-borne malware. Email Guard's Cloud Protection Layer serves as a preliminary barricade and blocks the vast majority of threats from reaching your security perimeter. This decreases your vulnerability to inbound attacks and saves network bandwidth and storage. Email Guard's onsite security gateway appliance provides a further layer of analysis for inbound email. For outgoing email, the onsite gateway provides AV and anti-spam filtering, protection against data leaks, and email encryption. The on-premises gateway can also assist Microsoft Exchange Server to monitor and safeguard internal email traffic that stays within your corporate firewall. For more information, see ProSight Email Guard spam filtering and data leakage protection.

• ProSight WAN Watch: Network Infrastructure Management
  ProSight WAN Watch is an infrastructure management service that makes it easy and affordable for small and mid-sized organizations to map out, monitor, enhance and troubleshoot their connectivity appliances like routers and switches, firewalls, and access points as well as servers, printers, client computers and other networked devices. Using cutting-edge Remote Monitoring and Management (RMM) technology, WAN Watch ensures that network maps are always updated, copies and manages the configuration information of almost all devices connected to your network, monitors performance, and sends alerts when issues are discovered. By automating complex management and troubleshooting activities, WAN Watch can cut hours off ordinary tasks such as network mapping, reconfiguring your network, finding devices that require critical software patches, or identifying the cause of performance problems. Learn more about ProSight WAN Watch infrastructure management services.

• ProSight LAN Watch: Server and Desktop Monitoring and Management
  ProSight LAN Watch is Progent’s server and desktop remote monitoring service that incorporates advanced remote monitoring and management (RMM) techniques to help keep your network operating efficiently by checking the state of critical computers that power your information system. When ProSight LAN Watch uncovers a problem, an alert is transmitted immediately to your specified IT management personnel and your Progent engineering consultant so any looming issues can be addressed before they can impact productivity. Find out more about ProSight LAN Watch server and desktop remote monitoring consulting.

• ProSight Virtual Hosting: Hosted VMs at Progent's Tier III Data Center
  With ProSight Virtual Hosting service, a small organization can have its critical servers and applications hosted in a protected Tier III data center on a high-performance virtual host set up and maintained by Progent's IT support professionals. With Progent's ProSight Virtual Hosting service model, the customer owns the data, the OS software, and the applications. Because the system is virtualized, it can be moved easily to a different hardware solution without a time-consuming and technically risky configuration procedure. With ProSight Virtual Hosting, you are not tied a single hosting provider. Learn more details about ProSight Virtual Hosting services.

• ProSight IT Asset Management: Network Documentation Management
  ProSight IT Asset Management service is an IT infrastructure documentation management service that allows you to capture, maintain, find and safeguard information related to your IT infrastructure, processes, applications, and services. You can quickly find passwords or serial numbers and be alerted automatically about upcoming expirations of SSLs or warranties. By updating and managing your network documentation, you can eliminate up to 50% of time wasted searching for critical information about your IT network. ProSight IT Asset Management features a centralized repository for storing and sharing all documents related to managing your network infrastructure such as standard operating procedures and How-To's. ProSight IT Asset Management also offers advanced automation for gathering and relating IT information. Whether you’re planning improvements, performing maintenance, or reacting to a crisis, ProSight IT Asset Management delivers the data you need the instant you need it. Find out more about Progent's ProSight IT Asset Management service.

• Progent Active Defense Against Ransomware: Machine Learning-based Ransomware Detection and Cleanup
  Progent's Active Defense Against Ransomware is an endpoint protection (EPP) solution that incorporates cutting edge behavior machine learning tools to guard endpoints as well as servers and VMs against new malware attacks such as ransomware and file-less exploits, which easily escape traditional signature-based anti-virus products. Progent ASM services safeguard local and cloud resources and offers a single platform to automate the entire threat progression including filtering, infiltration detection, mitigation, cleanup, and forensics. Key capabilities include single-click rollback with Windows Volume Shadow Copy Service (VSS) and real-time network-wide immunization against new attacks. Learn more about Progent's ransomware defense and recovery services.

• Outsourced/Co-managed Call Center: Support Desk Managed Services
  Progent's Support Center services permit your information technology group to outsource Support Desk services to Progent or split activity for Help Desk services seamlessly between your internal support staff and Progent's extensive pool of certified IT service technicians, engineers and subject matter experts. Progent's Co-managed Help Desk Service provides a seamless extension of your core network support group. User interaction with the Help Desk, provision of support, escalation, ticket generation and tracking, efficiency measurement, and management of the support database are cohesive regardless of whether incidents are taken care of by your internal IT support organization, by Progent, or a mix of the two. Learn more about Progent's outsourced/co-managed Help Center services.

• Patch Management: Software/Firmware Update Management Services
  Progent's managed services for software and firmware patch management offer businesses of any size a flexible and affordable solution for evaluating, validating, scheduling, applying, and documenting updates to your ever-evolving information system. In addition to optimizing the protection and functionality of your computer environment, Progent's software/firmware update management services allow your in-house IT staff to focus on line-of-business projects and tasks that deliver maximum business value from your network. Learn more about Progent's software/firmware update management services.

ProSight Network Audits
Progent's ProSight Network Audits offer a fast and low-cost alternative for small and medium-size businesses to get an objective evaluation of the overall health of their information system. Based on a selection of the leading remote monitoring and management tools in the industry, and supervised by Progent's certified group of IT experts, ProSight Network Audits help you see how closely the deployment of your essential network devices conform to industry leading practices. Both the Basic and Advanced versions of ProSight Network Audit services are available at a low, one-time cost and deliver instant benefits like a more manageable Active Directory environment. Both versions also include a year of advanced remote network monitoring and management (RMM). Benefits can include simpler management, improved compliance with information security standards, more efficient utilization of IT assets, faster troubleshooting, more reliable backup and restore, and less downtime. Read more information about Progent's ProSight Network Audits IT infrastructure review.

Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.