Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Hermes, and MongoLock have made the headlines, displacing WannaCry, Locky, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- AntiVirus and configuration
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. The most common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Hermes, and MongoLock are more elaborate and have caused more havoc. Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
Progent's ProSight Active Security Monitoring is an endpoint protection (EPP) solution that utilizes cutting edge behavior machine learning technology to guard physical and virtual endpoints against new malware assaults like ransomware and file-less exploits, which routinely escape traditional signature-matching anti-virus products. ProSight Active Security Monitoring safeguards local and cloud resources and offers a unified platform to manage the entire threat progression including blocking, identification, containment, remediation, and post-attack forensics. Key features include one-click rollback using Windows Volume Shadow Copy Service (VSS) and real-time network-wide immunization against newly discovered attacks. Learn more about Progent's ProSight Active Security Monitoring endpoint protection and ransomware recovery.
- ProSight Enhanced Security Protection (ESP): Physical and Virtual Endpoint Security and Exchange Filtering
ProSight Enhanced Security Protection services deliver ultra-affordable multi-layer security for physical servers and VMs, workstations, mobile devices, and Exchange email. ProSight ESP utilizes adaptive security and advanced machine learning for continuously monitoring and responding to cyber threats from all vectors. ProSight ESP offers two-way firewall protection, penetration alarms, device control, and web filtering through cutting-edge tools incorporated within a single agent managed from a unified console. Progent's data protection and virtualization experts can help you to plan and configure a ProSight ESP environment that addresses your organization's unique needs and that helps you achieve and demonstrate compliance with government and industry data protection standards. Progent will help you define and configure security policies that ProSight ESP will enforce, and Progent will monitor your IT environment and respond to alerts that require immediate attention. Progent's consultants can also help you to set up and verify a backup and restore system such as ProSight Data Protection Services so you can get back in business rapidly from a destructive cyber attack like ransomware. Find out more about Progent's ProSight Enhanced Security Protection (ESP) unified physical and virtual endpoint security and Microsoft Exchange email filtering.
- ProSight Data Protection Services: Managed Backup and Disaster Recovery
ProSight Data Protection Services offer small and mid-sized businesses a low cost and fully managed service for secure backup/disaster recovery (BDR). For a fixed monthly rate, ProSight Data Protection Services automates and monitors your backup activities and enables rapid restoration of critical files, applications and virtual machines that have become unavailable or damaged as a result of hardware failures, software glitches, disasters, human mistakes, or malware attacks like ransomware. ProSight DPS can help you protect, recover and restore files, folders, apps, system images, as well as Microsoft Hyper-V and VMware images/. Important data can be protected on the cloud, to a local device, or to both. Progent's backup and recovery specialists can provide advanced support to configure ProSight Data Protection Services to to comply with government and industry regulatory requirements such as HIPPA, FINRA, PCI and Safe Harbor and, whenever needed, can assist you to restore your critical information. Learn more about ProSight Data Protection Services Managed Cloud Backup and Recovery.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering and email encryption service that incorporates the infrastructure of leading data security companies to deliver centralized control and comprehensive protection for all your email traffic. The hybrid architecture of Email Guard managed service integrates a Cloud Protection Layer with an on-premises gateway device to offer advanced defense against spam, viruses, Denial of Service Attacks, Directory Harvest Attacks, and other email-borne malware. The cloud filter acts as a preliminary barricade and blocks most unwanted email from reaching your security perimeter. This reduces your vulnerability to external threats and saves network bandwidth and storage space. Email Guard's on-premises gateway appliance adds a deeper level of analysis for inbound email. For outgoing email, the onsite gateway offers anti-virus and anti-spam protection, policy-based Data Loss Prevention, and email encryption. The on-premises security gateway can also help Exchange Server to track and protect internal email traffic that originates and ends within your corporate firewall. For more details, visit ProSight Email Guard spam and content filtering.
- ProSight WAN Watch: Network Infrastructure Management
ProSight WAN Watch is a network infrastructure management service that makes it easy and inexpensive for small and mid-sized businesses to map, track, optimize and troubleshoot their networking hardware like routers and switches, firewalls, and load balancers plus servers, endpoints and other networked devices. Using state-of-the-art RMM technology, ProSight WAN Watch ensures that infrastructure topology diagrams are kept updated, copies and manages the configuration of virtually all devices connected to your network, monitors performance, and generates notices when issues are discovered. By automating complex management and troubleshooting activities, WAN Watch can knock hours off common tasks such as network mapping, expanding your network, locating devices that require important updates, or isolating performance bottlenecks. Find out more details about ProSight WAN Watch network infrastructure monitoring and management services.
- ProSight LAN Watch: Server and Desktop Remote Monitoring and Management
ProSight LAN Watch is Progentís server and desktop monitoring service that incorporates advanced remote monitoring and management techniques to keep your IT system operating efficiently by tracking the health of critical computers that drive your information system. When ProSight LAN Watch uncovers a problem, an alert is transmitted automatically to your designated IT personnel and your assigned Progent engineering consultant so all potential problems can be resolved before they can disrupt your network. Learn more details about ProSight LAN Watch server and desktop remote monitoring services.
- ProSight Virtual Hosting: Hosted Virtual Machines at Progent's World-class Data Center
With Progent's ProSight Virtual Hosting service, a small organization can have its critical servers and applications hosted in a secure Tier III data center on a high-performance virtual host configured and managed by Progent's network support experts. Under the ProSight Virtual Hosting service model, the client retains ownership of the data, the operating system platforms, and the applications. Since the environment is virtualized, it can be ported easily to an alternate hosting environment without a lengthy and difficult configuration procedure. With ProSight Virtual Hosting, your business is not tied one hosting provider. Find out more details about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is a cloud-based IT documentation management service that allows you to capture, maintain, retrieve and protect information about your IT infrastructure, procedures, business apps, and services. You can quickly locate passwords or serial numbers and be alerted automatically about upcoming expirations of SSL certificates ,domains or warranties. By cleaning up and managing your network documentation, you can eliminate up to 50% of time spent searching for vital information about your network. ProSight IT Asset Management includes a centralized location for holding and collaborating on all documents related to managing your network infrastructure like recommended procedures and How-To's. ProSight IT Asset Management also offers a high level of automation for collecting and associating IT information. Whether youíre making improvements, doing regular maintenance, or responding to an emergency, ProSight IT Asset Management gets you the information you need as soon as you need it. Find out more about Progent's ProSight IT Asset Management service.
To view a white paper describing why managed services are rapidly replacing the old break/fix model of IT support for small and mid-size companies, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits are a fast and low-cost way for small and medium-size organizations to obtain an unbiased assessment of the overall health of their IT system. Powered by some of the top remote monitoring and management platforms available, and supervised by Progent's world-class group of IT professionals, ProSight Network Audits show you how well the configuration of your essential infrastructure assets adhere to industry best practices. The Basic and Advanced versions of ProSight Network Audit services are available at a low, one-time cost and provide immediate benefits such as a cleaner Active Directory (AD) environment. Both also include a year of state-of-the-art remote network monitoring and management (RMM). Advantages can include simpler management, improved compliance with government and industry security regulations, higher utilization of network resources, faster troubleshooting, more dependable backup and restore, and higher availability. See more information about ProSight Network Audits IT infrastructure review.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.