Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Hermes, and MongoLock have made the headlines, displacing WannaCry, Locky, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- AntiVirus and configuration
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. The most common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Hermes, and MongoLock are more elaborate and have caused more havoc. Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
Progent's ProSight Active Security Monitoring (ASM) is an endpoint protection (EPP) solution that incorporates next generation behavior-based machine learning tools to guard physical and virtual endpoint devices against new malware assaults such as ransomware and file-less exploits, which easily evade traditional signature-based AV tools. ProSight ASM protects local and cloud-based resources and provides a unified platform to manage the entire malware attack progression including blocking, detection, mitigation, remediation, and forensics. Top features include single-click rollback with Windows VSS and real-time system-wide immunization against new attacks. Learn more about Progent's ProSight Active Security Monitoring (ASM) next-generation endpoint protection and ransomware recovery.
- ProSight Enhanced Security Protection: Endpoint Security and Microsoft Exchange Filtering
ProSight Enhanced Security Protection (ESP) managed services deliver economical in-depth protection for physical and virtual servers, desktops, mobile devices, and Exchange email. ProSight ESP uses contextual security and advanced machine learning for continuously monitoring and responding to security threats from all vectors. ProSight ESP delivers firewall protection, penetration alerts, endpoint control, and web filtering through leading-edge technologies incorporated within one agent accessible from a unified control. Progent's data protection and virtualization experts can assist you to design and implement a ProSight ESP environment that addresses your organization's specific requirements and that allows you prove compliance with legal and industry data protection standards. Progent will assist you define and implement security policies that ProSight ESP will enforce, and Progent will monitor your network and respond to alerts that require immediate action. Progent can also assist you to install and test a backup and disaster recovery solution like ProSight Data Protection Services so you can get back in business quickly from a potentially disastrous cyber attack such as ransomware. Find out more about Progent's ProSight Enhanced Security Protection unified endpoint security and Microsoft Exchange filtering.
- ProSight Data Protection Services: Managed Backup and Recovery
ProSight Data Protection Services from Progent provide small and medium-sized organizations an affordable end-to-end service for secure backup/disaster recovery. Available at a low monthly rate, ProSight DPS automates and monitors your backup activities and enables fast recovery of critical files, apps and VMs that have become unavailable or corrupted as a result of hardware failures, software bugs, natural disasters, human error, or malware attacks such as ransomware. ProSight Data Protection Services can help you protect, retrieve and restore files, folders, apps, system images, as well as Microsoft Hyper-V and VMware virtual machine images. Important data can be protected on the cloud, to a local storage device, or to both. Progent's BDR specialists can provide advanced support to configure ProSight Data Protection Services to to comply with government and industry regulatory requirements such as HIPPA, FIRPA, and PCI and, whenever necessary, can help you to recover your business-critical information. Learn more about ProSight DPS Managed Backup.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam and virus filtering service that incorporates the infrastructure of top information security companies to deliver web-based management and comprehensive security for your email traffic. The hybrid architecture of Progent's Email Guard managed service combines a Cloud Protection Layer with an on-premises gateway device to offer complete defense against spam, viruses, Denial of Service (DoS) Attacks, Directory Harvest Attacks, and other email-based threats. Email Guard's Cloud Protection Layer serves as a preliminary barricade and blocks most threats from reaching your security perimeter. This decreases your vulnerability to inbound attacks and saves system bandwidth and storage space. Email Guard's on-premises gateway appliance provides a deeper level of inspection for inbound email. For outgoing email, the onsite gateway offers anti-virus and anti-spam filtering, protection against data leaks, and email encryption. The on-premises gateway can also help Microsoft Exchange Server to monitor and protect internal email traffic that stays inside your security perimeter. For more information, visit ProSight Email Guard spam filtering and data leakage protection.
- ProSight WAN Watch: Infrastructure Remote Monitoring and Management
Progentís ProSight WAN Watch is a network infrastructure monitoring and management service that makes it easy and inexpensive for smaller organizations to map, monitor, optimize and troubleshoot their networking hardware like switches, firewalls, and load balancers plus servers, printers, endpoints and other networked devices. Incorporating cutting-edge RMM technology, ProSight WAN Watch ensures that infrastructure topology maps are kept updated, captures and manages the configuration of almost all devices connected to your network, monitors performance, and generates notices when problems are detected. By automating tedious management activities, ProSight WAN Watch can cut hours off ordinary chores like making network diagrams, expanding your network, locating devices that require important updates, or identifying the cause of performance issues. Learn more about ProSight WAN Watch network infrastructure monitoring and management consulting.
- ProSight LAN Watch: Server and Desktop Remote Monitoring
ProSight LAN Watch is Progentís server and desktop monitoring managed service that incorporates advanced remote monitoring and management (RMM) technology to help keep your network running at peak levels by tracking the health of critical computers that drive your information system. When ProSight LAN Watch uncovers an issue, an alert is sent automatically to your designated IT management personnel and your Progent engineering consultant so that any looming problems can be resolved before they can impact your network. Learn more details about ProSight LAN Watch server and desktop remote monitoring services.
- ProSight Virtual Hosting: Hosted VMs at Progent's World-class Data Center
With ProSight Virtual Hosting service, a small or mid-size organization can have its key servers and apps hosted in a secure fault tolerant data center on a high-performance virtual host set up and maintained by Progent's IT support professionals. Under the ProSight Virtual Hosting service model, the client owns the data, the OS software, and the apps. Because the system is virtualized, it can be moved easily to a different hardware environment without a lengthy and technically risky configuration procedure. With ProSight Virtual Hosting, you are not tied a single hosting service. Find out more about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that makes it easy to create, maintain, find and safeguard data about your network infrastructure, processes, applications, and services. You can quickly find passwords or serial numbers and be warned automatically about upcoming expirations of SSLs ,domains or warranties. By cleaning up and managing your IT infrastructure documentation, you can save as much as 50% of time thrown away looking for vital information about your network. ProSight IT Asset Management includes a centralized repository for holding and sharing all documents required for managing your network infrastructure such as recommended procedures and How-To's. ProSight IT Asset Management also supports advanced automation for gathering and associating IT information. Whether youíre planning enhancements, doing maintenance, or responding to a crisis, ProSight IT Asset Management gets you the data you need the instant you need it. Read more about Progent's ProSight IT Asset Management service.
To download a white paper explaining why managed services are quickly replacing the old break/fix model of network support outsourcing for small and mid-size businesses, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits offer a fast and low-cost alternative for small and medium-size organizations to obtain an objective assessment of the health of their network. Powered by a selection of the leading remote monitoring and management platforms in the industry, and supervised by Progent's world-class group of IT experts, ProSight Network Audits help you see how well the deployment of your essential infrastructure assets conform to leading practices. Both the Basic and Advanced options for ProSight Network Audit services are offered at a budget-friendly, one-time cost and deliver immediate benefits like a more manageable Active Directory system. Both versions also include a year of state-of-the-art remote network monitoring and management. Benefits can include simpler network management, better compliance with information security standards, more efficient utilization of network resources, quicker problem resolution, more reliable backup and recovery, and higher availability. See more information about ProSight Network Audits network infrastructure review.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.