Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Hermes, and MongoLock have made the headlines, displacing WannaCry, Locky, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progentís Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- AntiVirus and configuration
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. The most common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Hermes, and MongoLock are more elaborate and have caused more havoc. Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
Progent's ProSight Active Security Monitoring is an endpoint protection (EPP) solution that utilizes next generation behavior-based machine learning technology to guard physical and virtual endpoint devices against modern malware assaults such as ransomware and file-less exploits, which routinely escape legacy signature-matching anti-virus tools. ProSight Active Security Monitoring protects on-premises and cloud resources and provides a unified platform to manage the complete threat progression including filtering, identification, containment, remediation, and forensics. Key features include single-click rollback using Windows VSS and real-time network-wide immunization against newly discovered threats. Read more about Progent's ProSight Active Security Monitoring endpoint protection and ransomware recovery.
- ProSight Enhanced Security Protection (ESP): Physical and Virtual Endpoint Protection and Microsoft Exchange Email Filtering
ProSight Enhanced Security Protection services deliver affordable in-depth security for physical servers and virtual machines, desktops, smartphones, and Microsoft Exchange. ProSight ESP utilizes adaptive security and modern behavior analysis for round-the-clock monitoring and responding to cyber threats from all attack vectors. ProSight ESP offers two-way firewall protection, penetration alarms, device control, and web filtering via leading-edge technologies incorporated within a single agent managed from a single control. Progent's security and virtualization experts can help your business to design and configure a ProSight ESP environment that addresses your company's unique needs and that allows you prove compliance with legal and industry information protection standards. Progent will assist you specify and configure security policies that ProSight ESP will manage, and Progent will monitor your network and respond to alarms that call for urgent attention. Progent's consultants can also assist you to install and verify a backup and restore system such as ProSight Data Protection Services (DPS) so you can recover rapidly from a destructive cyber attack such as ransomware. Find out more about Progent's ProSight Enhanced Security Protection (ESP) unified physical and virtual endpoint security and Microsoft Exchange email filtering.
- ProSight Data Protection Services: Managed Backup and Disaster Recovery
ProSight Data Protection Services from Progent offer small and mid-sized businesses a low cost end-to-end service for reliable backup/disaster recovery (BDR). For a fixed monthly price, ProSight Data Protection Services automates your backup activities and allows fast recovery of critical files, applications and virtual machines that have become unavailable or damaged due to hardware breakdowns, software bugs, natural disasters, human mistakes, or malicious attacks like ransomware. ProSight DPS can help you protect, retrieve and restore files, folders, apps, system images, plus Hyper-V and VMware virtual machine images. Critical data can be protected on the cloud, to a local device, or to both. Progent's BDR specialists can provide world-class expertise to set up ProSight Data Protection Services to to comply with regulatory requirements such as HIPPA, FIRPA, PCI and Safe Harbor and, when necessary, can assist you to restore your business-critical data. Read more about ProSight Data Protection Services Managed Cloud Backup and Recovery.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering service that incorporates the technology of leading data security vendors to provide web-based control and world-class protection for all your email traffic. The powerful architecture of Email Guard managed service combines cloud-based filtering with a local gateway device to provide advanced defense against spam, viruses, Denial of Service (DoS) Attacks, Directory Harvest Attacks, and other email-borne threats. Email Guard's cloud filter serves as a preliminary barricade and blocks the vast majority of unwanted email from making it to your network firewall. This reduces your vulnerability to external threats and conserves system bandwidth and storage. Email Guard's on-premises security gateway device provides a deeper level of inspection for incoming email. For outbound email, the onsite security gateway offers anti-virus and anti-spam filtering, policy-based Data Loss Prevention, and email encryption. The onsite security gateway can also help Exchange Server to track and protect internal email traffic that originates and ends inside your security perimeter. For more details, see Email Guard spam and content filtering.
- ProSight WAN Watch: Network Infrastructure Management
ProSight WAN Watch is a network infrastructure management service that makes it simple and affordable for small and mid-sized businesses to diagram, track, reconfigure and troubleshoot their connectivity appliances such as routers and switches, firewalls, and load balancers as well as servers, client computers and other networked devices. Incorporating cutting-edge Remote Monitoring and Management technology, ProSight WAN Watch makes sure that infrastructure topology maps are always updated, captures and displays the configuration information of almost all devices connected to your network, monitors performance, and generates notices when problems are discovered. By automating complex management and troubleshooting activities, WAN Watch can cut hours off common tasks such as making network diagrams, reconfiguring your network, finding devices that require important updates, or isolating performance issues. Learn more about ProSight WAN Watch infrastructure management consulting.
- ProSight LAN Watch: Server and Desktop Remote Monitoring
ProSight LAN Watch is Progentís server and desktop monitoring managed service that uses state-of-the-art remote monitoring and management (RMM) technology to keep your IT system running at peak levels by checking the health of vital assets that power your business network. When ProSight LAN Watch detects a problem, an alert is sent automatically to your specified IT management personnel and your assigned Progent engineering consultant so that any potential issues can be resolved before they can disrupt your network. Learn more details about ProSight LAN Watch server and desktop monitoring services.
- ProSight Virtual Hosting: Hosted Virtual Machines at Progent's Tier III Data Center
With ProSight Virtual Hosting service, a small or mid-size business can have its key servers and applications hosted in a protected fault tolerant data center on a fast virtual host set up and managed by Progent's IT support experts. Under Progent's ProSight Virtual Hosting model, the customer retains ownership of the data, the OS software, and the apps. Since the environment is virtualized, it can be moved easily to a different hardware environment without a time-consuming and technically risky reinstallation procedure. With ProSight Virtual Hosting, you are not tied a single hosting provider. Learn more details about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
ProSight IT Asset Management service is an IT infrastructure documentation management service that allows you to capture, maintain, retrieve and safeguard information related to your network infrastructure, procedures, business apps, and services. You can quickly locate passwords or IP addresses and be alerted about impending expirations of SSL certificates or domains. By updating and organizing your IT infrastructure documentation, you can eliminate as much as half of time wasted trying to find critical information about your network. ProSight IT Asset Management features a common repository for holding and collaborating on all documents related to managing your network infrastructure like standard operating procedures (SOPs) and self-service instructions. ProSight IT Asset Management also supports advanced automation for collecting and associating IT information. Whether youíre making enhancements, performing regular maintenance, or reacting to a crisis, ProSight IT Asset Management gets you the data you require as soon as you need it. Learn more about Progent's ProSight IT Asset Management service.
To view a white paper describing why managed services are rapidly replacing the old break/fix model of network support outsourcing for small and mid-size organizations, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits are a quick and low-cost way for small and medium-size businesses to obtain an objective evaluation of the health of their IT system. Powered by a selection of the leading remote monitoring and management tools available, and supervised by Progent's world-class group of IT professionals, ProSight Network Audits help you see how closely the configuration of your essential infrastructure assets conform to best practices. The Basic and Advanced options for ProSight Network Audit services are offered at a low, one-time cost and deliver immediate benefits like a cleaner Active Directory environment. Both versions also include one year of advanced remote network monitoring and management (RMM). Benefits can include lower-cost management, improved compliance with government and industry security standards, more efficient utilization of IT resources, faster troubleshooting, more dependable backup and restore, and increased uptime. Read more information about ProSight Network Audits IT infrastructure review.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.