Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, and Egregor have made the headlines, displacing WannaCry, Cerber, CryptoWall, and NotPetya in notoriety, elaborateness, and destructive impact.
90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.
Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:
Security
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Optimal firewall settings
- Secure RDP connections
- AntiVirus tools selection and configuration
Backups
- Split permission model for backup protection
- Backing up required servers (AD)
- Offsite backups including cloud backup to Azure
The interview process included with the ProSight Ransomware Preparedness Report service takes about one hour for a typical small business network and longer for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware attack, and Progent can provide as-needed expertise to help you and your IT staff create a cost-effective security/backup solution tailored to your business needs.
About Ransomware
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. A common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender. The most targeted attack vector is an improperly secured Remote Desktop Protocol (RDP) port. These are becoming more of a problem as businesses support more at-home workers.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Maze, and Sodinokibi are more elaborate and have caused more havoc. Even if your backup processes allow you to recover your ransomed files, you can still be threatened by exfiltration, where stolen data is made publc (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.
ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
ProSight Active Security Monitoring is an endpoint protection (EPP) solution that incorporates next generation behavior machine learning tools to defend physical and virtual endpoint devices against new malware assaults such as ransomware and email phishing, which easily evade legacy signature-based anti-virus tools. ProSight Active Security Monitoring protects on-premises and cloud resources and provides a single platform to manage the entire threat lifecycle including blocking, infiltration detection, containment, remediation, and post-attack forensics. Top capabilities include single-click rollback with Windows Volume Shadow Copy Service and automatic network-wide immunization against newly discovered attacks. Learn more about Progent's ProSight Active Security Monitoring (ASM) endpoint protection and ransomware defense.
- ProSight Enhanced Security Protection: Endpoint Security and Microsoft Exchange Email Filtering
ProSight Enhanced Security Protection managed services offer economical in-depth protection for physical servers and virtual machines, desktops, smartphones, and Exchange Server. ProSight ESP uses adaptive security and modern behavior analysis for round-the-clock monitoring and reacting to security threats from all attack vectors. ProSight ESP delivers two-way firewall protection, penetration alarms, endpoint control, and web filtering through leading-edge tools incorporated within a single agent managed from a single control. Progent's security and virtualization consultants can help your business to plan and implement a ProSight ESP environment that addresses your organization's specific needs and that allows you achieve and demonstrate compliance with government and industry data protection standards. Progent will assist you specify and implement security policies that ProSight ESP will manage, and Progent will monitor your network and react to alarms that require immediate action. Progent's consultants can also assist your company to set up and test a backup and disaster recovery solution like ProSight Data Protection Services (DPS) so you can recover quickly from a potentially disastrous cyber attack such as ransomware. Find out more about Progent's ProSight Enhanced Security Protection (ESP) unified physical and virtual endpoint security and Microsoft Exchange email filtering.
- ProSight Data Protection Services: Managed Backup and Recovery
ProSight Data Protection Services offer small and medium-sized organizations a low cost and fully managed solution for reliable backup/disaster recovery. Available at a low monthly cost, ProSight Data Protection Services automates and monitors your backup processes and allows rapid restoration of critical files, apps and virtual machines that have become unavailable or corrupted due to component failures, software glitches, natural disasters, human mistakes, or malware attacks such as ransomware. ProSight DPS can help you protect, recover and restore files, folders, apps, system images, as well as Microsoft Hyper-V and VMware images/. Critical data can be backed up on the cloud, to a local storage device, or mirrored to both. Progent's BDR specialists can deliver world-class expertise to set up ProSight Data Protection Services to to comply with government and industry regulatory requirements such as HIPAA, FINRA, PCI and Safe Harbor and, whenever necessary, can assist you to recover your business-critical data. Learn more about ProSight DPS Managed Cloud Backup and Recovery.
- ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering and email encryption service that incorporates the infrastructure of leading data security companies to provide centralized control and comprehensive protection for your inbound and outbound email. The hybrid architecture of Email Guard combines a Cloud Protection Layer with an on-premises gateway device to provide advanced protection against spam, viruses, Dos Attacks, Directory Harvest Attacks (DHAs), and other email-borne malware. The cloud filter serves as a first line of defense and blocks the vast majority of threats from reaching your security perimeter. This decreases your exposure to external threats and conserves system bandwidth and storage space. Email Guard's onsite gateway device provides a further layer of inspection for inbound email. For outbound email, the on-premises security gateway provides AV and anti-spam protection, protection against data leaks, and email encryption. The on-premises security gateway can also assist Exchange Server to monitor and safeguard internal email that originates and ends within your corporate firewall. For more details, see Email Guard spam filtering and data leakage protection.
- ProSight WAN Watch: Infrastructure Remote Monitoring and Management
ProSight WAN Watch is an infrastructure management service that makes it simple and inexpensive for smaller businesses to map out, track, optimize and debug their connectivity appliances like switches, firewalls, and access points as well as servers, endpoints and other devices. Using state-of-the-art Remote Monitoring and Management (RMM) technology, ProSight WAN Watch ensures that network maps are kept current, copies and manages the configuration information of virtually all devices connected to your network, monitors performance, and generates alerts when potential issues are discovered. By automating complex management and troubleshooting processes, WAN Watch can knock hours off common tasks such as making network diagrams, reconfiguring your network, finding appliances that need important software patches, or identifying the cause of performance issues. Learn more details about ProSight WAN Watch infrastructure monitoring and management services.
- ProSight LAN Watch: Server and Desktop Remote Monitoring and Management
ProSight LAN Watch is Progent’s server and desktop remote monitoring managed service that uses advanced remote monitoring and management (RMM) technology to help keep your IT system running efficiently by tracking the health of vital computers that power your information system. When ProSight LAN Watch uncovers an issue, an alert is transmitted immediately to your specified IT personnel and your Progent engineering consultant so all looming issues can be addressed before they have a chance to disrupt your network. Find out more details about ProSight LAN Watch server and desktop monitoring consulting.
- ProSight Virtual Hosting: Hosted VMs at Progent's Tier III Data Center
With ProSight Virtual Hosting service, a small or mid-size business can have its key servers and apps hosted in a secure fault tolerant data center on a high-performance virtual machine host set up and managed by Progent's network support professionals. Under Progent's ProSight Virtual Hosting service model, the client retains ownership of the data, the OS software, and the applications. Since the system is virtualized, it can be moved immediately to a different hardware solution without requiring a time-consuming and difficult reinstallation procedure. With ProSight Virtual Hosting, you are not tied one hosting service. Find out more details about ProSight Virtual Hosting services.
- ProSight IT Asset Management: Network Documentation Management
ProSight IT Asset Management service is an IT infrastructure documentation management service that makes it easy to create, maintain, retrieve and protect data about your IT infrastructure, processes, business apps, and services. You can instantly find passwords or serial numbers and be warned about upcoming expirations of SSLs ,domains or warranties. By updating and organizing your network documentation, you can eliminate up to half of time spent looking for critical information about your network. ProSight IT Asset Management includes a common repository for holding and sharing all documents required for managing your network infrastructure like standard operating procedures (SOPs) and self-service instructions. ProSight IT Asset Management also supports advanced automation for gathering and associating IT information. Whether you’re planning enhancements, doing maintenance, or reacting to a crisis, ProSight IT Asset Management gets you the knowledge you need as soon as you need it. Find out more about ProSight IT Asset Management service.
Read or Download Progent's White Paper: 10 Benefits of Managed IT Services
To view a white paper explaining why managed services are rapidly replacing the old break/fix model of IT support outsourcing for small and mid-size companies, click:
10 Benefits of Managed IT Services. (PDF - 710 KB)
ProSight Network Audits
Progent's ProSight Network Audits are a quick and affordable alternative for small and medium-size organizations to get an unbiased evaluation of the overall health of their network. Powered by a selection of the top remote monitoring and management platforms available, and overseen by Progent's world-class team of IT professionals, ProSight Network Audits show you how closely the configuration of your essential infrastructure assets adhere to leading practices. The Basic and Advanced options for ProSight Network Audit services are offered at a budget-friendly, one-time cost and deliver instant benefits like a cleaner Active Directory (AD) system. Both versions also come with a year of state-of-the-art remote network monitoring and management (RMM). Advantages can include lower-cost management, improved compliance with information security regulations, higher utilization of IT assets, faster troubleshooting, more dependable backup and restore, and increased uptime. Read more information about Progent's ProSight Network Audits IT infrastructure review.
Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.