Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, and Egregor have made the headlines, displacing WannaCry, Cerber, CryptoWall, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- Secure RDP connections
- AntiVirus tools selection and configuration
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. A common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender. The most targeted attack vector is an improperly secured Remote Desktop Protocol (RDP) port. These are becoming more of a problem as businesses support more at-home workers.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Maze, and Sodinokibi are more elaborate and have caused more havoc. Even if your backup processes allow you to recover your ransomed files, you can still be threatened by exfiltration, where stolen data is made publc (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
ProSight Active Security Monitoring (ASM) is an endpoint protection solution that incorporates SentinelOne's next generation behavior-based analysis tools to defend physical and virtual endpoints against new malware assaults such as ransomware and file-less exploits, which easily evade traditional signature-matching AV tools. ProSight ASM protects on-premises and cloud resources and provides a single platform to manage the complete malware attack progression including protection, infiltration detection, mitigation, cleanup, and forensics. Key features include one-click rollback using Windows Volume Shadow Copy Service and automatic network-wide immunization against new threats. Progent is a SentinelOne Partner, reseller, and integrator. Find out more about Progent's ProSight Active Security Monitoring next-generation endpoint protection and ransomware defense.
- ProSight Enhanced Security Protection (ESP): Physical and Virtual Endpoint Security and Exchange Filtering
Progent's ProSight Enhanced Security Protection managed services offer ultra-affordable multi-layer protection for physical servers and virtual machines, workstations, mobile devices, and Microsoft Exchange. ProSight ESP uses contextual security and advanced heuristics for continuously monitoring and reacting to security assaults from all vectors. ProSight ESP provides two-way firewall protection, penetration alarms, device control, and web filtering through leading-edge tools incorporated within a single agent managed from a unified console. Progent's data protection and virtualization consultants can help you to plan and configure a ProSight ESP environment that addresses your company's unique needs and that allows you achieve and demonstrate compliance with legal and industry data protection regulations. Progent will assist you define and implement policies that ProSight ESP will enforce, and Progent will monitor your network and respond to alerts that require immediate attention. Progent can also assist your company to set up and test a backup and disaster recovery solution such as ProSight Data Protection Services (DPS) so you can recover rapidly from a potentially disastrous security attack like ransomware. Find out more about Progent's ProSight Enhanced Security Protection unified endpoint protection and Microsoft Exchange email filtering.
- ProSight Data Protection Services: Managed Backup and Disaster Recovery
ProSight Data Protection Services from Progent provide small and mid-sized businesses a low cost and fully managed solution for reliable backup/disaster recovery (BDR). For a low monthly cost, ProSight DPS automates and monitors your backup activities and allows rapid restoration of critical files, apps and VMs that have become unavailable or corrupted as a result of hardware breakdowns, software glitches, disasters, human error, or malware attacks like ransomware. ProSight DPS can help you protect, retrieve and restore files, folders, apps, system images, plus Microsoft Hyper-V and VMware virtual machine images. Critical data can be protected on the cloud, to a local storage device, or to both. Progent's backup and recovery specialists can deliver advanced support to configure ProSight Data Protection Services to be compliant with regulatory standards like HIPAA, FIRPA, PCI and Safe Harbor and, when necessary, can help you to restore your critical data. Learn more about ProSight DPS Managed Cloud Backup and Recovery.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering and email encryption service that incorporates the technology of top information security companies to provide centralized control and comprehensive protection for your inbound and outbound email. The hybrid architecture of Email Guard managed service combines cloud-based filtering with a local security gateway device to provide advanced protection against spam, viruses, Denial of Service Attacks, Directory Harvest Attacks (DHAs), and other email-borne threats. Email Guard's cloud filter serves as a first line of defense and keeps the vast majority of threats from making it to your network firewall. This reduces your vulnerability to inbound threats and conserves system bandwidth and storage. Email Guard's onsite gateway appliance provides a further level of analysis for incoming email. For outbound email, the on-premises gateway provides anti-virus and anti-spam filtering, DLP, and email encryption. The local security gateway can also help Microsoft Exchange Server to monitor and protect internal email traffic that stays inside your corporate firewall. For more information, see Email Guard spam and content filtering.
- ProSight WAN Watch: Infrastructure Management
ProSight WAN Watch is an infrastructure monitoring and management service that makes it simple and affordable for smaller businesses to diagram, track, reconfigure and troubleshoot their networking appliances like routers and switches, firewalls, and wireless controllers plus servers, printers, client computers and other networked devices. Using state-of-the-art RMM technology, ProSight WAN Watch ensures that infrastructure topology diagrams are kept updated, captures and manages the configuration of almost all devices on your network, tracks performance, and sends notices when issues are detected. By automating tedious management activities, WAN Watch can knock hours off common tasks like network mapping, expanding your network, locating appliances that require important updates, or isolating performance bottlenecks. Learn more details about ProSight WAN Watch infrastructure monitoring and management consulting.
- ProSight LAN Watch: Server and Desktop Monitoring and Management
ProSight LAN Watch is Progent's server and desktop monitoring service that uses state-of-the-art remote monitoring and management (RMM) technology to keep your network operating at peak levels by tracking the health of critical computers that drive your business network. When ProSight LAN Watch detects an issue, an alarm is sent immediately to your designated IT staff and your assigned Progent engineering consultant so all looming problems can be resolved before they can disrupt productivity. Learn more about ProSight LAN Watch server and desktop remote monitoring consulting.
- ProSight Virtual Hosting: Hosted VMs at Progent's Tier III Data Center
With Progent's ProSight Virtual Hosting service, a small business can have its critical servers and applications hosted in a secure fault tolerant data center on a fast virtual host set up and managed by Progent's IT support professionals. Under Progent's ProSight Virtual Hosting model, the customer retains ownership of the data, the operating system software, and the apps. Because the environment is virtualized, it can be ported easily to an alternate hosting solution without a lengthy and technically risky reinstallation process. With ProSight Virtual Hosting, your business is not tied one hosting service. Find out more details about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
ProSight IT Asset Management service is a cloud-based IT documentation management service that allows you to capture, maintain, retrieve and safeguard information about your network infrastructure, procedures, applications, and services. You can instantly find passwords or serial numbers and be warned automatically about impending expirations of SSL certificates or warranties. By cleaning up and managing your IT infrastructure documentation, you can eliminate as much as half of time thrown away trying to find critical information about your IT network. ProSight IT Asset Management includes a common repository for storing and collaborating on all documents related to managing your business network such as recommended procedures and self-service instructions. ProSight IT Asset Management also offers advanced automation for gathering and relating IT data. Whether you're making improvements, performing maintenance, or responding to a crisis, ProSight IT Asset Management gets you the knowledge you require when you need it. Find out more about Progent's ProSight IT Asset Management service.
- Progent Active Protection Against Ransomware: AI-based Ransomware Detection and Cleanup
Progent's Active Defense Against Ransomware is an endpoint protection solution that utilizes cutting edge behavior-based analysis tools to guard endpoint devices and servers and VMs against new malware assaults like ransomware and file-less exploits, which easily escape traditional signature-matching AV tools. Progent ASM services safeguard local and cloud resources and provides a unified platform to address the complete malware attack progression including protection, infiltration detection, containment, cleanup, and forensics. Key features include single-click rollback using Windows Volume Shadow Copy Service (VSS) and real-time network-wide immunization against new attacks. Learn more about Progent's ransomware defense and recovery services.
- Outsourced/Co-managed Help Center: Call Center Managed Services
Progent's Support Center services enable your information technology group to outsource Call Center services to Progent or split activity for Service Desk support transparently between your in-house network support resources and Progent's extensive pool of IT service technicians, engineers and subject matter experts (SMEs). Progent's Shared Help Desk Service provides a transparent supplement to your internal support organization. Client access to the Help Desk, delivery of support, issue escalation, ticket creation and tracking, performance metrics, and maintenance of the service database are cohesive regardless of whether issues are resolved by your in-house IT support organization, by Progent's team, or a mix of the two. Read more about Progent's outsourced/shared Help Desk services.
- Patch Management: Patch Management Services
Progent's support services for software and firmware patch management provide businesses of any size a versatile and affordable solution for evaluating, validating, scheduling, implementing, and tracking software and firmware updates to your dynamic IT system. Besides optimizing the security and reliability of your computer network, Progent's software/firmware update management services permit your in-house IT team to focus on line-of-business projects and activities that deliver the highest business value from your information network. Learn more about Progent's patch management services.
To download a white paper describing why managed services are rapidly replacing the traditional break/fix model of network support outsourcing for small and mid-size businesses, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits offer a quick and low-cost alternative for small and mid-size businesses to get an objective assessment of the health of their IT system. Powered by a selection of the top remote monitoring and management tools in the industry, and supervised by Progent's world-class team of information technology experts, ProSight Network Audits show you how closely the configuration of your core network assets conform to leading practices. The Basic and Advanced versions of ProSight Network Audit services are offered at a budget-friendly, one-time cost and deliver instant benefits such as a more manageable Active Directory (AD) system. Both also come with a year of cutting-edge remote network monitoring and management (RMM). Advantages can include easier management, better compliance with government and industry security requirements, higher utilization of network assets, quicker troubleshooting, more reliable backup and restore, and higher availability. Read more information about ProSight Network Audits IT infrastructure assessment.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.