Remote Network Management for Small and Midsize Businesses

Ransomware has become the weapon of choice for the major cyber-crime organizations, posing an existential threat to businesses that fall victim. The latest strains of ransomware target everything, including backup, making even partial recovery a long and expensive process. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, and Egregor have made the headlines, displacing WannaCry, Cerber, CryptoWall, and NotPetya in notoriety, elaborateness, and destructive impact.

90% of ransomware infections come from innocent-seeming emails with malicious links or attachments, and many are so-called "zero-day" attacks that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline detection are critical to defend against ransomware, best practices dictate that you assume some attacks will succeed and that you put in place a strong backup solution that allows you to recover quickly with minimal damage.

Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an interview with a Progent security consultant experienced in ransomware defense and recovery. Progent will help determine your company's readiness to block or recover from a ransomware attack. During this interview Progent will work directly with you to gather pertinent information about your security and backup environment. Progent will use this information to produce a written Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your security and backup systems.

Progent's Basic Security and Best Practices Report focuses on key issues associated with prevention (Security) and recovery (Backups). The review addresses:

Security

• Correct use of administration accounts
• Correct NTFS and SMB permissions
• Optimal firewall settings
• Secure RDP connections
• AntiVirus tools selection and configuration

• Split permission model for backup protection
• Backing up required servers (AD)
• Offsite backups including cloud backup to Azure

About Ransomware
Ransomware is a form of malware that either encrypts files so they are unreadable or deletes them altogether. Ransomware often locks the victim's computer so it is unusable. To reverse the damage, the victim is required to pay a specified amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short time window. There is no guarantee that paying the ransom will result in a recovery. Compromised or deleted files can extend throughout a network depending on the victim's write permissions, and the military-grade encryption algorithm used on the hostage files cannot be broken. A common ransomware attack vector is spoofed email, which the user is lured into opening by a social engineering technique known as spear phishing. This makes the email look as though it came from a trusted sender. The most targeted attack vector is an improperly secured Remote Desktop Protocol (RDP) port. These are becoming more of a problem as businesses support more at-home workers.

CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by ransomware variants is estimated at billions of dollars annually, more than doubling every two years. Notorious recent threats include WannaCry/WannaCrypt, Locky, Cerber, NotPetya and Spora. Current high-profile threats like Ryuk, Maze, and Sodinokibi are more elaborate and have caused more havoc. Even if your backup processes allow you to recover your ransomed files, you can still be threatened by exfiltration, where stolen data is made publc (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-matching anit-virus tools will block the latest attack. If an attack does show up in an email, it is critical that your users have been educated to be wary of social engineering tricks. Your last line of defense is a solid scheme for scheduling and retaining offsite backups plus the deployment of reliable recovery tools.

ProSight Managed Services Offered by Progent
Progent's ProSight network management suite is a family of affordable, subscription-based service packages that allow small and mid-size businesses to outsource crucial IT management functions. ProSight services that can help defend against or recover from ransomware attacks include email filtering, next-generation AV based on behavior analysis, automatic isolation of infected computers and immediate inoculation of safe devices, plus cloud-based backup with both granular and whole-site recovery.

• ProSight LAN Watch: Server and Desktop Monitoring
  ProSight LAN Watch is Progent's server and desktop monitoring managed service that uses state-of-the-art remote monitoring and management techniques to keep your network operating efficiently by checking the health of vital assets that drive your business network. When ProSight LAN Watch detects a problem, an alarm is transmitted automatically to your specified IT staff and your Progent engineering consultant so that all looming issues can be resolved before they can disrupt productivity. Learn more about ProSight LAN Watch server and desktop remote monitoring consulting.

• ProSight LAN Watch with NinjaOne RMM: Unified RMM Solution for Networks, Servers, and Workstations
  ProSight LAN Watch with NinjaOne RMM software offers a unified, cloud-based platform for managing your network, server, and desktop devices by providing tools for performing common tedious jobs. These can include health monitoring, patch management, automated repairs, endpoint setup, backup and recovery, A/V defense, remote access, built-in and custom scripts, resource inventory, endpoint status reporting, and troubleshooting assistance. If ProSight LAN Watch with NinjaOne RMM identifies a serious issue, it transmits an alert to your specified IT management staff and your Progent consultant so potential issues can be fixed before they impact your network. Find out more about ProSight LAN Watch with NinjaOne RMM server and desktop monitoring services.

• ProSight WAN Watch: Network Infrastructure Remote Monitoring and Management
  Progent's ProSight WAN Watch is a network infrastructure management service that makes it simple and inexpensive for smaller businesses to diagram, track, optimize and troubleshoot their connectivity appliances like routers, firewalls, and load balancers plus servers, printers, client computers and other networked devices. Using state-of-the-art Remote Monitoring and Management (RMM) technology, ProSight WAN Watch ensures that network maps are kept current, copies and displays the configuration information of almost all devices on your network, tracks performance, and generates alerts when issues are detected. By automating complex management and troubleshooting processes, WAN Watch can knock hours off ordinary tasks such as making network diagrams, expanding your network, locating devices that require critical software patches, or isolating performance issues. Learn more details about ProSight WAN Watch infrastructure monitoring and management services.

• ProSight Reporting: In-depth Reporting for Ticketing and Network Monitoring Applications
  ProSight Reporting is a growing suite of in-depth management reporting plug-ins created to integrate with the leading ticketing and network monitoring platforms such as ConnectWise Manage, ConnectWise Automate, Customer Thermometer, Auvik, and SentinelOne. ProSight Reporting incorporates Microsoft Graph and utilizes color coding to surface and contextualize critical issues like spotty support follow-through or machines with out-of-date AVs. By identifying ticketing or network health problems concisely and in near-real time, ProSight Reporting enhances productivity, reduces management overhead, and saves money. For more information, see ProSight Reporting for ticketing and network monitoring applications.

• ProSight Data Protection Services: Managed Backup and Recovery Services
  Progent has worked with leading backup/restore software companies to create ProSight Data Protection Services (DPS), a portfolio of management offerings that deliver backup-as-a-service. ProSight DPS services manage and monitor your backup processes and allow non-disruptive backup and rapid restoration of vital files/folders, applications, system images, and virtual machines. ProSight DPS lets your business recover from data loss caused by equipment breakdown, natural disasters, fire, cyber attacks such as ransomware, user error, ill-intentioned employees, or application bugs. Managed backup services available in the ProSight Data Protection Services portfolio include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro 365 Backup), ProSight DPS ECHO Backup using Barracuda purpose-built storage, and ProSight DPS MSP360 Hybrid Backup. Your Progent service representative can help you to identify which of these fully managed backup services are most appropriate for your network.

• ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
  ProSight Email Guard is Progent's spam and virus filtering and email encryption service that uses the infrastructure of top data security vendors to deliver centralized management and world-class protection for your inbound and outbound email. The powerful architecture of Email Guard managed service combines a Cloud Protection Layer with an on-premises gateway appliance to provide complete protection against spam, viruses, Denial of Service (DoS) Attacks, Directory Harvest Attacks (DHAs), and other email-based malware. Email Guard's Cloud Protection Layer serves as a first line of defense and keeps the vast majority of unwanted email from reaching your network firewall. This decreases your exposure to inbound threats and conserves network bandwidth and storage. Email Guard's onsite gateway device provides a further layer of inspection for incoming email. For outgoing email, the local security gateway provides anti-virus and anti-spam filtering, protection against data leaks, and email encryption. The local gateway can also assist Exchange Server to monitor and protect internal email traffic that stays within your security perimeter. For more information, visit ProSight Email Guard spam filtering and data leakage protection.

• ProSight Duo Multi-Factor Authentication: Identity Validation, Endpoint Policy Enforcement, and Protected Single Sign-on (SSO)
  Progent's Duo MFA service plans incorporate Cisco's Duo technology to defend against stolen passwords by using two-factor authentication (2FA). Duo supports single-tap identity confirmation with iOS, Google Android, and other personal devices. With 2FA, whenever you sign into a protected application and enter your password you are requested to verify who you are on a unit that only you have and that is accessed using a different network channel. A broad range of out-of-band devices can be utilized for this added means of authentication including an iPhone or Android or watch, a hardware/software token, a landline phone, etc. You may register several validation devices. For more information about ProSight Duo identity validation services, refer to Duo MFA two-factor authentication services.

• Progent's Outsourced/Shared Call Center: Help Desk Managed Services
  Progent's Help Desk services enable your IT group to offload Support Desk services to Progent or divide activity for Help Desk services transparently between your in-house support group and Progent's nationwide pool of certified IT support engineers and subject matter experts. Progent's Co-managed Service Desk offers a smooth extension of your in-house network support group. End user access to the Service Desk, provision of technical assistance, issue escalation, trouble ticket creation and updates, efficiency measurement, and maintenance of the service database are cohesive regardless of whether incidents are resolved by your in-house IT support staff, by Progent's team, or by a combination. Read more about Progent's outsourced/co-managed Call Center services.

• Active Protection Against Ransomware: Machine Learning-based Ransomware Detection and Cleanup
  Progent's Active Protection Against Ransomware is an endpoint protection (EPP) service that incorporates cutting edge behavior machine learning tools to guard endpoint devices as well as servers and VMs against new malware attacks like ransomware and file-less exploits, which easily escape legacy signature-based AV products. Progent ASM services safeguard local and cloud resources and provides a single platform to manage the entire threat progression including blocking, detection, mitigation, cleanup, and forensics. Key capabilities include single-click rollback using Windows VSS and automatic system-wide immunization against new threats. Find out more about Progent's ransomware defense and recovery services.

• ProSight IT Asset Management: Network Documentation Management
  Progent's ProSight IT Asset Management service is a cloud-based IT documentation management service that allows you to create, update, retrieve and protect data related to your IT infrastructure, procedures, business apps, and services. You can instantly find passwords or serial numbers and be warned automatically about impending expirations of SSL certificates or domains. By cleaning up and managing your IT documentation, you can eliminate up to half of time thrown away trying to find vital information about your IT network. ProSight IT Asset Management features a common repository for holding and sharing all documents required for managing your network infrastructure such as standard operating procedures and self-service instructions. ProSight IT Asset Management also offers a high level of automation for collecting and associating IT data. Whether you're making enhancements, performing regular maintenance, or reacting to a crisis, ProSight IT Asset Management delivers the information you require when you need it. Find out more about Progent's ProSight IT Asset Management service.

• Patch Management: Software/Firmware Update Management Services
  Progent's managed services for patch management provide businesses of all sizes a versatile and affordable solution for assessing, validating, scheduling, applying, and documenting updates to your dynamic information network. Besides optimizing the security and functionality of your IT network, Progent's software/firmware update management services free up time for your in-house IT team to concentrate on line-of-business projects and tasks that deliver the highest business value from your network. Learn more about Progent's software/firmware update management services.

• ProSight Virtual Hosting: Hosted VMs at Progent's World-class Data Center
  With ProSight Virtual Hosting service, a small organization can have its key servers and applications hosted in a secure Tier III data center on a fast virtual machine host set up and maintained by Progent's network support experts. With Progent's ProSight Virtual Hosting service model, the customer owns the data, the OS software, and the applications. Because the environment is virtualized, it can be ported easily to an alternate hardware environment without requiring a time-consuming and technically risky configuration process. With ProSight Virtual Hosting, you are not locked into one hosting service. Find out more details about ProSight Virtual Hosting services.

• ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
  ProSight Active Security Monitoring is an endpoint protection solution that utilizes SentinelOne's next generation behavior-based analysis tools to guard physical and virtual endpoint devices against modern malware assaults like ransomware and file-less exploits, which routinely escape legacy signature-based anti-virus tools. ProSight Active Security Monitoring protects local and cloud-based resources and offers a unified platform to manage the complete threat lifecycle including protection, identification, containment, remediation, and post-attack forensics. Top capabilities include single-click rollback using Windows VSS and automatic system-wide immunization against new attacks. Progent is a SentinelOne Partner, reseller, and integrator. Read more about Progent's ProSight Active Security Monitoring (ASM) endpoint protection and ransomware recovery.

• ProSight Enhanced Security Protection (ESP): Physical and Virtual Endpoint Security and Microsoft Exchange Email Filtering
  ProSight Enhanced Security Protection (ESP) services deliver economical multi-layer protection for physical servers and virtual machines, desktops, mobile devices, and Microsoft Exchange. ProSight ESP utilizes contextual security and advanced heuristics for round-the-clock monitoring and responding to cyber assaults from all attack vectors. ProSight ESP delivers firewall protection, intrusion alarms, device management, and web filtering via leading-edge technologies packaged within a single agent managed from a single console. Progent's data protection and virtualization consultants can help you to plan and implement a ProSight ESP environment that addresses your organization's specific requirements and that allows you prove compliance with legal and industry information protection regulations. Progent will assist you define and configure security policies that ProSight ESP will enforce, and Progent will monitor your network and react to alarms that require urgent action. Progent can also assist you to install and verify a backup and restore solution such as ProSight Data Protection Services so you can recover quickly from a destructive cyber attack such as ransomware. Read more about Progent's ProSight Enhanced Security Protection (ESP) unified endpoint security and Microsoft Exchange filtering.

ProSight Network Audits
Progent's ProSight Network Audits are a quick and low-cost alternative for small and medium-size organizations to obtain an unbiased evaluation of the overall health of their information system. Based on some of the top remote monitoring and management platforms in the industry, and supervised by Progent's world-class group of IT experts, ProSight Network Audits show you how well the configuration of your essential infrastructure assets adhere to leading practices. Both the Basic and Advanced versions of ProSight Network Audit services are available at a budget-friendly, one-time cost and deliver instant benefits like a cleaner Active Directory environment. Both also include a year of advanced remote network monitoring and management. Advantages can include lower-cost network management, improved compliance with government and industry security regulations, more efficient utilization of network resources, faster problem resolution, more reliable backup and restore, and higher availability. Learn more information about ProSight Network Audits network infrastructure assessment.

Contact Progent to Find Out More about Progent's ProSight Ransomware Preparedness Report Service
For pricing information and to learn more about how Progent's ProSight Ransomware Preparedness Report can reduce your vulnerability to ransomware, call Progent at 800-993-9400 or visit Contact Progent.