All-New: SiRON RMM Ransomware Detection

In case you missed it, last week, we unveiled a game-changing feature to our clients. SiRON RMM Ransomware Detection.
By 2021, ransomware attacks are anticipated to cause $20 billion in damage, which is 57 times higher than in 2015. During an attack, the ransom demanded is roughly $5,600, and what’s worse – the downtime after an attack can cost up to 50 times more than the ransom itself. RMM tools can play a crucial role in defending businesses against ransomware. SiRON RMM Ransomware Detection works to protect small and medium businesses while adding value to the RMM service offering that SiRON partners provide.

What is RMM Ransomware Detection?

SiRON RMM Ransomware Detection complements other endpoint security applications such as antivirus packages to provide an extra layer of security and helps reduce the impact of a ransomware attack. It is a completely new behavioral-based engine, rather than a signature-based approach that compares files to a known database, that monitors for crypto-ransomware, and alerts us when ransomware starts to encrypt files. This is different from ransomware detection which looks for the presence of ransomware in backups, which could be a significant amount of time after a ransomware attack occurs.

Once detected, SiRON RMM attempts to stop the ransomware process and isolates the device from the network to prevent the ransomware from spreading to other devices. Native Ransomware Detection within SiRON RMM enables clients to enhance their security posture and:
  • Monitor for ransomware at scale. SiRON RMM’s powerful policy-driven approach allows you to quickly and consistently configure RMM Ransomware detection to monitor all your windows devices for ransomware.
  • Prevent the spread of ransomware. Once ransomware is detected, SiRON RMM will automatically notify technicians the moment files start being encrypted by ransomware rather than waiting for a user to report the issue. RMM Ransomware Detection can automatically attempt to terminate the ransomware process and isolate the affected device from the network to reduce the impact of ransomware on the client.
  • Reduce time to remediation. Infected devices automatically isolated from the network still maintain contact with SiRON RMM, providing contextual information enabling technicians to respond faster and take effective action, including recovering to a previous state with integrated SiRON Continuity devices.
SiRON’s RMM Ransomware Detection uses similar technology that has been in production on SiRON Workplace for over a year and was successfully field-tested with a group of SiRON RMM partners. In addition, the RMM Ransomware Detection engine was tested and validated by a world-leading, independent IT security testing firm which found it to have reliable detection rates and no false positives.

To learn more about how SiRON RMM can help reduce the impact of a ransomware attack, and how you can receive RMM Ransomware Detection on your endpoints for free through August 2021, Contact us Today!