Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Hermes, and MongoLock have made the headlines, displacing WannaCry, Locky, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- AntiVirus and configuration
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. The most common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Hermes, and MongoLock are more elaborate and have caused more havoc. Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
Progent's ProSight Active Security Monitoring (ASM) is an endpoint protection (EPP) solution that incorporates next generation behavior machine learning tools to defend physical and virtual endpoint devices against new malware attacks like ransomware and email phishing, which routinely evade traditional signature-matching AV products. ProSight Active Security Monitoring safeguards on-premises and cloud resources and offers a unified platform to address the complete threat progression including protection, detection, mitigation, cleanup, and post-attack forensics. Top capabilities include single-click rollback using Windows Volume Shadow Copy Service (VSS) and automatic network-wide immunization against newly discovered attacks. Read more about Progent's ProSight Active Security Monitoring next-generation endpoint protection and ransomware recovery.
- ProSight Enhanced Security Protection: Endpoint Security and Exchange Filtering
ProSight Enhanced Security Protection managed services deliver economical multi-layer protection for physical servers and VMs, desktops, mobile devices, and Microsoft Exchange. ProSight ESP utilizes adaptive security and advanced heuristics for round-the-clock monitoring and reacting to security assaults from all vectors. ProSight ESP offers firewall protection, intrusion alarms, device control, and web filtering through leading-edge technologies incorporated within one agent accessible from a unified console. Progent's data protection and virtualization experts can help you to design and configure a ProSight ESP environment that meets your company's specific needs and that helps you prove compliance with legal and industry data security standards. Progent will assist you specify and implement policies that ProSight ESP will enforce, and Progent will monitor your IT environment and react to alerts that call for immediate attention. Progent's consultants can also assist your company to install and verify a backup and restore system like ProSight Data Protection Services so you can recover quickly from a potentially disastrous cyber attack such as ransomware. Learn more about Progent's ProSight Enhanced Security Protection unified physical and virtual endpoint security and Exchange filtering.
- ProSight Data Protection Services: Managed Backup and Disaster Recovery
ProSight Data Protection Services offer small and medium-sized businesses a low cost and fully managed service for secure backup/disaster recovery (BDR). For a low monthly rate, ProSight Data Protection Services automates your backup activities and enables rapid recovery of vital data, applications and VMs that have become unavailable or corrupted as a result of hardware failures, software glitches, disasters, human error, or malware attacks such as ransomware. ProSight DPS can help you protect, retrieve and restore files, folders, apps, system images, plus Hyper-V and VMware images/. Important data can be backed up on the cloud, to an on-promises storage device, or to both. Progent's cloud backup consultants can deliver advanced expertise to configure ProSight DPS to be compliant with regulatory standards like HIPPA, FIRPA, PCI and Safe Harbor and, when needed, can assist you to restore your critical information. Read more about ProSight Data Protection Services Managed Backup.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam and virus filtering service that incorporates the infrastructure of top information security companies to provide centralized management and comprehensive protection for all your inbound and outbound email. The powerful architecture of Email Guard integrates a Cloud Protection Layer with a local gateway device to offer advanced defense against spam, viruses, Denial of Service (DoS) Attacks, Directory Harvest Attacks (DHAs), and other email-based malware. Email Guard's Cloud Protection Layer serves as a preliminary barricade and blocks most unwanted email from reaching your network firewall. This reduces your exposure to inbound threats and conserves system bandwidth and storage space. Email Guard's onsite gateway appliance adds a further level of inspection for incoming email. For outbound email, the local gateway provides anti-virus and anti-spam protection, policy-based Data Loss Prevention, and email encryption. The onsite security gateway can also assist Exchange Server to track and protect internal email that originates and ends inside your security perimeter. For more information, see Email Guard spam and content filtering.
- ProSight WAN Watch: Network Infrastructure Remote Monitoring and Management
Progentís ProSight WAN Watch is a network infrastructure management service that makes it simple and affordable for small and mid-sized organizations to diagram, track, reconfigure and troubleshoot their networking appliances like switches, firewalls, and access points plus servers, client computers and other devices. Using cutting-edge Remote Monitoring and Management technology, WAN Watch makes sure that network maps are always current, copies and displays the configuration of virtually all devices on your network, monitors performance, and generates notices when problems are detected. By automating time-consuming network management activities, WAN Watch can knock hours off common tasks such as making network diagrams, expanding your network, finding appliances that require critical software patches, or isolating performance problems. Find out more details about ProSight WAN Watch infrastructure monitoring and management consulting.
- ProSight LAN Watch: Server and Desktop Remote Monitoring and Management
ProSight LAN Watch is Progentís server and desktop remote monitoring managed service that uses advanced remote monitoring and management (RMM) techniques to keep your network operating at peak levels by tracking the health of critical computers that drive your information system. When ProSight LAN Watch detects a problem, an alarm is transmitted automatically to your specified IT personnel and your Progent consultant so that all potential issues can be resolved before they have a chance to impact your network. Learn more about ProSight LAN Watch server and desktop monitoring consulting.
- ProSight Virtual Hosting: Hosted VMs at Progent's Tier III Data Center
With ProSight Virtual Hosting service, a small or mid-size organization can have its key servers and apps hosted in a secure Tier III data center on a fast virtual machine host configured and maintained by Progent's network support experts. Under Progent's ProSight Virtual Hosting service model, the customer retains ownership of the data, the operating system software, and the applications. Because the environment is virtualized, it can be moved easily to an alternate hosting solution without requiring a lengthy and technically risky configuration procedure. With ProSight Virtual Hosting, you are not tied a single hosting provider. Find out more about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that makes it easy to create, update, find and protect data about your IT infrastructure, processes, business apps, and services. You can instantly locate passwords or serial numbers and be alerted automatically about impending expirations of SSLs or domains. By updating and organizing your IT documentation, you can save up to half of time spent looking for vital information about your network. ProSight IT Asset Management includes a common location for holding and sharing all documents related to managing your business network like standard operating procedures (SOPs) and How-To's. ProSight IT Asset Management also offers advanced automation for gathering and associating IT data. Whether youíre planning improvements, performing regular maintenance, or reacting to an emergency, ProSight IT Asset Management gets you the knowledge you require when you need it. Find out more about Progent's ProSight IT Asset Management service.
To view a white paper explaining why managed services are rapidly takingthe place of the traditional break/fix model of network support outsourcing for small and mid-size businesses, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits are a fast and affordable alternative for small and medium-size organizations to get an unbiased assessment of the health of their IT system. Powered by some of the top remote monitoring and management (RMM) tools in the industry, and supervised by Progent's certified team of information technology experts, ProSight Network Audits show you how well the deployment of your core infrastructure assets adhere to best practices. Both the Basic and Advanced options for ProSight Network Audit services are offered at a budget-friendly, one-time cost and provide immediate benefits such as a more manageable Active Directory (AD) system. Both also come with one year of cutting-edge remote network monitoring and management. Advantages can include lower-cost network management, improved compliance with government and industry security regulations, more efficient utilization of network resources, faster troubleshooting, more reliable backup and restore, and increased uptime. Read more information about Progent's ProSight Network Audits network infrastructure assessment.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.