Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, and Egregor have made the headlines, displacing WannaCry, Cerber, CryptoWall, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- Secure RDP connections
- AntiVirus tools selection and configuration
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. A common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender. The most targeted attack vector is an improperly secured Remote Desktop Protocol (RDP) port. These are becoming more of a problem as businesses support more at-home workers.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Maze, and Sodinokibi are more elaborate and have caused more havoc. Even if your backup processes allow you to recover your ransomed files, you can still be threatened by exfiltration, where stolen data is made publc (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
ProSight Active Security Monitoring (ASM) is an endpoint protection (EPP) solution that incorporates SentinelOne's cutting edge behavior-based machine learning tools to guard physical and virtual endpoints against modern malware assaults such as ransomware and file-less exploits, which easily escape traditional signature-based anti-virus tools. ProSight Active Security Monitoring protects on-premises and cloud resources and offers a single platform to address the entire malware attack lifecycle including protection, identification, mitigation, cleanup, and post-attack forensics. Key features include one-click rollback with Windows Volume Shadow Copy Service and automatic system-wide immunization against new attacks. Progent is a SentinelOne Partner, dealer, and integrator. Find out more about Progent's ProSight Active Security Monitoring next-generation endpoint protection and ransomware defense.
- ProSight Enhanced Security Protection (ESP): Physical and Virtual Endpoint Security and Microsoft Exchange Email Filtering
ProSight Enhanced Security Protection services offer ultra-affordable in-depth security for physical servers and VMs, desktops, smartphones, and Microsoft Exchange. ProSight ESP uses contextual security and advanced machine learning for round-the-clock monitoring and reacting to cyber threats from all vectors. ProSight ESP provides two-way firewall protection, penetration alarms, endpoint control, and web filtering via cutting-edge technologies packaged within a single agent managed from a unified control. Progent's security and virtualization consultants can help your business to plan and configure a ProSight ESP environment that addresses your organization's specific requirements and that allows you achieve and demonstrate compliance with government and industry data protection regulations. Progent will assist you specify and configure security policies that ProSight ESP will enforce, and Progent will monitor your network and respond to alarms that require urgent action. Progent can also assist your company to install and test a backup and restore solution such as ProSight Data Protection Services so you can recover rapidly from a destructive security attack like ransomware. Learn more about Progent's ProSight Enhanced Security Protection unified endpoint security and Microsoft Exchange email filtering.
- ProSight Data Protection Services: Managed Backup and Disaster Recovery
ProSight Data Protection Services from Progent provide small and medium-sized businesses an affordable end-to-end solution for secure backup/disaster recovery. Available at a low monthly cost, ProSight Data Protection Services automates and monitors your backup activities and enables fast recovery of vital data, applications and VMs that have become unavailable or damaged as a result of component breakdowns, software glitches, natural disasters, human error, or malicious attacks such as ransomware. ProSight Data Protection Services can help you protect, retrieve and restore files, folders, apps, system images, plus Microsoft Hyper-V and VMware images/. Important data can be protected on the cloud, to an on-promises storage device, or mirrored to both. Progent's BDR consultants can deliver world-class support to configure ProSight DPS to be compliant with regulatory requirements like HIPAA, FIRPA, PCI and Safe Harbor and, whenever needed, can assist you to recover your business-critical information. Find out more about ProSight Data Protection Services Managed Cloud Backup.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam and virus filtering and email encryption service that uses the technology of leading information security companies to deliver web-based control and world-class security for your inbound and outbound email. The powerful structure of Progent's Email Guard managed service integrates a Cloud Protection Layer with an on-premises gateway appliance to provide advanced defense against spam, viruses, Dos Attacks, DHAs, and other email-borne malware. Email Guard's cloud filter acts as a preliminary barricade and keeps the vast majority of unwanted email from reaching your security perimeter. This reduces your exposure to inbound threats and saves system bandwidth and storage space. Email Guard's on-premises security gateway device provides a deeper layer of inspection for incoming email. For outbound email, the onsite security gateway offers AV and anti-spam filtering, policy-based Data Loss Prevention, and email encryption. The on-premises gateway can also help Exchange Server to track and protect internal email that stays inside your security perimeter. For more information, visit ProSight Email Guard spam and content filtering.
- ProSight WAN Watch: Network Infrastructure Remote Monitoring and Management
Progent's ProSight WAN Watch is an infrastructure monitoring and management service that makes it simple and affordable for small and mid-sized organizations to diagram, monitor, enhance and debug their connectivity appliances such as routers and switches, firewalls, and wireless controllers plus servers, printers, client computers and other networked devices. Using state-of-the-art RMM technology, WAN Watch ensures that infrastructure topology maps are always current, captures and displays the configuration information of virtually all devices connected to your network, monitors performance, and sends alerts when potential issues are detected. By automating tedious network management activities, WAN Watch can knock hours off ordinary tasks like making network diagrams, expanding your network, finding appliances that require critical software patches, or resolving performance issues. Learn more about ProSight WAN Watch network infrastructure monitoring and management consulting.
- ProSight LAN Watch: Server and Desktop Remote Monitoring
ProSight LAN Watch is Progent's server and desktop monitoring managed service that uses state-of-the-art remote monitoring and management techniques to keep your IT system running efficiently by checking the health of vital computers that drive your information system. When ProSight LAN Watch detects a problem, an alarm is transmitted automatically to your designated IT management staff and your assigned Progent consultant so that any looming problems can be addressed before they have a chance to disrupt productivity. Learn more about ProSight LAN Watch server and desktop monitoring services.
- ProSight Virtual Hosting: Hosted VMs at Progent's World-class Data Center
With ProSight Virtual Hosting service, a small organization can have its critical servers and apps hosted in a protected fault tolerant data center on a fast virtual machine host set up and maintained by Progent's network support experts. With the ProSight Virtual Hosting model, the client retains ownership of the data, the OS platforms, and the apps. Because the system is virtualized, it can be ported immediately to an alternate hosting environment without requiring a time-consuming and difficult reinstallation process. With ProSight Virtual Hosting, your business is not locked into one hosting service. Find out more details about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that allows you to capture, update, retrieve and protect information about your network infrastructure, processes, applications, and services. You can instantly find passwords or IP addresses and be alerted about impending expirations of SSL certificates ,domains or warranties. By updating and organizing your IT infrastructure documentation, you can save as much as half of time wasted trying to find vital information about your IT network. ProSight IT Asset Management includes a centralized location for storing and collaborating on all documents related to managing your network infrastructure like recommended procedures and How-To's. ProSight IT Asset Management also offers advanced automation for collecting and associating IT data. Whether you're making improvements, performing maintenance, or responding to an emergency, ProSight IT Asset Management delivers the information you require when you need it. Find out more about Progent's ProSight IT Asset Management service.
- Progent Active Protection Against Ransomware: AI-based Ransomware Identification and Cleanup
Progent's Active Protection Against Ransomware is an endpoint protection service that incorporates cutting edge behavior-based analysis tools to defend endpoint devices and servers and VMs against new malware attacks such as ransomware and file-less exploits, which routinely get by legacy signature-based anti-virus products. Progent Active Security Monitoring services protect on-premises and cloud resources and provides a unified platform to address the complete threat lifecycle including filtering, infiltration detection, containment, remediation, and forensics. Key capabilities include one-click rollback using Windows VSS and automatic network-wide immunization against newly discovered threats. Learn more about Progent's ransomware defense and cleanup services.
- Outsourced/Co-managed Help Center: Call Center Managed Services
Progent's Help Desk services permit your information technology group to outsource Support Desk services to Progent or divide responsibilities for Service Desk support transparently between your in-house network support group and Progent's nationwide roster of certified IT service engineers and subject matter experts. Progent's Co-managed Service Desk offers a smooth supplement to your corporate IT support staff. Client access to the Service Desk, delivery of technical assistance, issue escalation, ticket creation and tracking, efficiency metrics, and maintenance of the support database are cohesive whether incidents are taken care of by your internal support staff, by Progent, or by a combination. Read more about Progent's outsourced/co-managed Service Center services.
- Progent's Patch Management: Patch Management Services
Progent's managed services for patch management offer businesses of any size a flexible and affordable alternative for evaluating, validating, scheduling, applying, and tracking updates to your ever-evolving information network. Besides maximizing the protection and functionality of your computer network, Progent's software/firmware update management services permit your IT team to focus on line-of-business projects and activities that deliver the highest business value from your information network. Find out more about Progent's patch management services.
To download a white paper describing why managed services are rapidly replacing the traditional break/fix model of network support outsourcing for small and mid-size businesses, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits offer a quick and affordable alternative for small and mid-size organizations to obtain an unbiased evaluation of the health of their IT system. Powered by some of the top remote monitoring and management platforms in the industry, and overseen by Progent's world-class team of information technology experts, ProSight Network Audits show you how well the configuration of your core network assets adhere to leading practices. Both the Basic and Advanced options for ProSight Network Audit services are offered at a low, one-time cost and provide instant ROI such as a cleaner Active Directory environment. Both also come with a year of cutting-edge remote network monitoring and management. Benefits can include lower-cost management, improved compliance with data security standards, higher utilization of IT resources, quicker troubleshooting, more dependable backup and restore, and increased uptime. Read more information about ProSight Network Audits network infrastructure assessment.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.