Remote Network Management for Small and Midsize Businesses

Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, and Egregor have made the headlines, displacing WannaCry, Cerber, CryptoWall, and NotPetya in notoriety, elaborateness, and destructive impact.

90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.

Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.

Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:

Security

• Correct use of administration accounts
• Correct NTFS and SMB permissions
• Optimal firewall settings
• Secure RDP connections
• AntiVirus tools selection and configuration

• Split permission model for backup protection
• Backing up required servers (AD)
• Offsite backups including cloud backup to Azure

About Ransomware
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. A common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender. The most targeted attack vector is an improperly secured Remote Desktop Protocol (RDP) port. These are becoming more of a problem as businesses support more at-home workers.

CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Maze, and Sodinokibi are more elaborate and have caused more havoc. Even if your backup processes allow you to recover your ransomed files, you can still be threatened by exfiltration, where stolen data is made publc (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.

ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.

• ProSight LAN Watch: Server and Desktop Remote Monitoring
  ProSight LAN Watch is Progent's server and desktop monitoring service that uses state-of-the-art remote monitoring and management (RMM) technology to keep your network running efficiently by checking the health of critical computers that power your information system. When ProSight LAN Watch detects a problem, an alert is transmitted immediately to your specified IT management staff and your Progent consultant so any potential problems can be addressed before they have a chance to impact your network. Learn more details about ProSight LAN Watch server and desktop monitoring services.

• ProSight LAN Watch with NinjaOne RMM: Centralized RMM for Networks, Servers, and Workstations
  ProSight LAN Watch with NinjaOne RMM software offers a unified, cloud-based platform for managing your client-server infrastructure by offering an environment for performing common tedious tasks. These include health monitoring, patch management, automated remediation, endpoint deployment, backup and restore, anti-virus defense, secure remote access, standard and custom scripts, asset inventory, endpoint status reports, and debugging assistance. When ProSight LAN Watch with NinjaOne RMM uncovers a serious issue, it transmits an alert to your specified IT personnel and your assigned Progent technical consultant so that emerging problems can be taken care of before they interfere with your network. Find out more about ProSight LAN Watch with NinjaOne RMM server and desktop monitoring services.

• ProSight WAN Watch: Infrastructure Remote Monitoring and Management
  Progent's ProSight WAN Watch is a network infrastructure management service that makes it simple and affordable for smaller businesses to map, track, reconfigure and debug their networking hardware such as switches, firewalls, and access points as well as servers, printers, client computers and other devices. Using state-of-the-art Remote Monitoring and Management technology, WAN Watch ensures that network maps are always current, captures and manages the configuration information of almost all devices connected to your network, tracks performance, and sends alerts when potential issues are detected. By automating complex network management processes, WAN Watch can cut hours off ordinary tasks such as making network diagrams, expanding your network, locating devices that require critical updates, or identifying the cause of performance issues. Learn more details about ProSight WAN Watch network infrastructure monitoring and management consulting.

• ProSight Reporting: Real-time Reporting for Ticketing and Network Monitoring Platforms
  ProSight Reporting is a growing family of in-depth management reporting utilities created to integrate with the industry's top ticketing and remote network monitoring applications such as ConnectWise Manage, ConnectWise Automate, Customer Thermometer, Auvik, and SentinelOne. ProSight Reporting uses Microsoft Graph and utilizes color coding to highlight and contextualize key issues like inconsistent support follow-through or endpoints with out-of-date AVs. By exposing ticketing or network health concerns clearly and in near-real time, ProSight Reporting enhances productivity, lowers management hassle, and saves money. For details, see ProSight Reporting for ticketing and network monitoring applications.

• ProSight Data Protection Services (DPS): Managed Backup and Recovery Services
  Progent has worked with advanced backup software providers to produce ProSight Data Protection Services (DPS), a portfolio of offerings that deliver backup-as-a-service (BaaS). ProSight DPS products manage and monitor your backup processes and allow transparent backup and rapid restoration of critical files/folders, applications, images, plus virtual machines. ProSight DPS lets your business avoid data loss resulting from hardware breakdown, natural disasters, fire, cyber attacks like ransomware, human error, ill-intentioned insiders, or software bugs. Managed services available in the ProSight DPS product family include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro 365 Backup), ProSight ECHO Backup using Barracuda dedicated storage, and ProSight MSP360 Cloud and On-prem Backup. Your Progent service representative can help you to determine which of these fully managed backup services are most appropriate for your IT environment.

• ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
  ProSight Email Guard is Progent's spam and virus filtering service that uses the technology of top information security companies to provide centralized management and comprehensive protection for your email traffic. The hybrid structure of Email Guard combines cloud-based filtering with a local gateway device to provide advanced defense against spam, viruses, Dos Attacks, Directory Harvest Attacks (DHAs), and other email-based threats. Email Guard's cloud filter acts as a first line of defense and keeps the vast majority of unwanted email from making it to your network firewall. This reduces your vulnerability to external threats and saves network bandwidth and storage. Email Guard's onsite security gateway appliance provides a further level of analysis for inbound email. For outgoing email, the local gateway offers AV and anti-spam protection, policy-based Data Loss Prevention, and email encryption. The local gateway can also help Microsoft Exchange Server to track and safeguard internal email traffic that originates and ends inside your corporate firewall. For more details, see Email Guard spam filtering and data leakage protection.

• ProSight Duo Two-Factor Authentication: ID Confirmation, Endpoint Remediation, and Secure Single Sign-on
  Progent's Duo MFA managed services incorporate Cisco's Duo cloud technology to protect against compromised passwords by using two-factor authentication (2FA). Duo enables single-tap identity confirmation with iOS, Android, and other personal devices. Using Duo 2FA, whenever you log into a secured application and give your password you are requested to confirm your identity via a unit that only you have and that uses a different ("out-of-band") network channel. A broad selection of devices can be utilized for this second means of authentication including a smartphone or wearable, a hardware/software token, a landline telephone, etc. You may designate several validation devices. For details about ProSight Duo identity authentication services, refer to Duo MFA two-factor authentication (2FA) services.

• Outsourced/Co-managed Service Desk: Help Desk Managed Services
  Progent's Help Center services permit your information technology group to outsource Call Center services to Progent or split responsibilities for support services seamlessly between your internal network support staff and Progent's nationwide pool of certified IT support technicians, engineers and subject matter experts. Progent's Co-managed Help Desk Service offers a seamless supplement to your core IT support group. Client access to the Service Desk, provision of support services, problem escalation, ticket creation and tracking, performance metrics, and management of the service database are consistent whether incidents are resolved by your core network support staff, by Progent, or both. Learn more about Progent's outsourced/co-managed Help Center services.

• Progent Active Protection Against Ransomware: Machine Learning-based Ransomware Detection and Remediation
  Progent's Active Protection Against Ransomware is an endpoint protection (EPP) solution that utilizes cutting edge behavior analysis tools to guard endpoint devices and servers and VMs against modern malware attacks such as ransomware and file-less exploits, which routinely get by legacy signature-based AV tools. Progent Active Security Monitoring services protect on-premises and cloud-based resources and provides a single platform to automate the entire malware attack lifecycle including protection, infiltration detection, containment, remediation, and post-attack forensics. Top features include one-click rollback using Windows Volume Shadow Copy Service and real-time network-wide immunization against new threats. Find out more about Progent's ransomware protection and recovery services.

• ProSight IT Asset Management: Network Documentation Management
  ProSight IT Asset Management service is an IT infrastructure documentation management service that makes it easy to capture, maintain, retrieve and safeguard data about your IT infrastructure, processes, business apps, and services. You can instantly find passwords or serial numbers and be alerted automatically about upcoming expirations of SSLs or warranties. By cleaning up and organizing your IT infrastructure documentation, you can save up to half of time spent searching for vital information about your network. ProSight IT Asset Management includes a common location for storing and collaborating on all documents related to managing your business network such as standard operating procedures (SOPs) and How-To's. ProSight IT Asset Management also offers a high level of automation for collecting and associating IT data. Whether you're planning improvements, performing regular maintenance, or responding to an emergency, ProSight IT Asset Management delivers the information you need as soon as you need it. Read more about ProSight IT Asset Management service.

• Patch Management: Software/Firmware Update Management Services
  Progent's managed services for patch management offer businesses of all sizes a flexible and affordable alternative for evaluating, testing, scheduling, applying, and tracking updates to your dynamic IT system. Besides optimizing the protection and functionality of your computer network, Progent's software/firmware update management services allow your IT staff to concentrate on line-of-business initiatives and activities that deliver the highest business value from your information network. Learn more about Progent's patch management support services.

• ProSight Virtual Hosting: Hosted Virtual Machines at Progent's World-class Data Center
  With ProSight Virtual Hosting service, a small or mid-size business can have its critical servers and applications hosted in a protected Tier III data center on a high-performance virtual host set up and managed by Progent's network support experts. Under Progent's ProSight Virtual Hosting model, the client owns the data, the OS software, and the apps. Since the system is virtualized, it can be ported easily to a different hosting environment without a lengthy and technically risky configuration procedure. With ProSight Virtual Hosting, your business is not locked into a single hosting provider. Learn more details about ProSight Virtual Hosting services.

• ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
  Progent's ProSight Active Security Monitoring (ASM) is an endpoint protection (EPP) service that incorporates SentinelOne's cutting edge behavior machine learning technology to defend physical and virtual endpoints against new malware assaults such as ransomware and file-less exploits, which routinely get by traditional signature-matching anti-virus tools. ProSight ASM safeguards local and cloud resources and provides a single platform to automate the complete threat progression including filtering, detection, mitigation, cleanup, and post-attack forensics. Top capabilities include one-click rollback using Windows VSS and automatic network-wide immunization against new threats. Progent is a SentinelOne Partner, dealer, and integrator. Read more about Progent's ProSight Active Security Monitoring (ASM) endpoint protection and ransomware recovery.

• ProSight Enhanced Security Protection (ESP): Endpoint Protection and Exchange Email Filtering
  Progent's ProSight Enhanced Security Protection managed services offer ultra-affordable multi-layer security for physical servers and VMs, desktops, smartphones, and Exchange email. ProSight ESP utilizes contextual security and advanced machine learning for continuously monitoring and responding to security assaults from all vectors. ProSight ESP provides two-way firewall protection, penetration alarms, endpoint management, and web filtering via cutting-edge technologies incorporated within a single agent managed from a single control. Progent's security and virtualization experts can assist your business to design and implement a ProSight ESP deployment that meets your organization's unique requirements and that allows you prove compliance with legal and industry information protection regulations. Progent will help you specify and configure policies that ProSight ESP will manage, and Progent will monitor your IT environment and respond to alarms that call for urgent action. Progent's consultants can also help you to install and test a backup and restore solution such as ProSight Data Protection Services (DPS) so you can recover quickly from a potentially disastrous security attack such as ransomware. Read more about Progent's ProSight Enhanced Security Protection unified endpoint security and Microsoft Exchange email filtering.

ProSight Network Audits
Progent's ProSight Network Audits are a fast and affordable way for small and mid-size organizations to get an unbiased assessment of the health of their network. Based on some of the top remote monitoring and management (RMM) platforms available, and overseen by Progent's certified team of information technology professionals, ProSight Network Audits help you see how closely the deployment of your core network devices conform to industry leading practices. Both the Basic and Advanced versions of ProSight Network Audit services are offered at a budget-friendly, one-time cost and deliver instant ROI such as a cleaner Active Directory system. Both also come with a year of advanced remote network monitoring and management (RMM). Benefits can include easier network management, better compliance with information security regulations, more efficient utilization of IT resources, faster problem resolution, more reliable backup and restore, and less downtime. Read more information about ProSight Network Audits network infrastructure assessment.

Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.