Ransomware/virus infection has been identified
Issue/Symptom/Question
We've identified a system attack and need to know how to seek help from Penta.
Applies To
Penta for Windows
System Security
Resolution/Fix/Answer
- Immediately contact your Account Manager and notify them of the suspected attack
- Provide as much detail as possible related to what may have been compromised.
- Set up a service desk ticket with the pertinent information.
For Managed Services customers, Penta adheres to the following protocols related to network security:
- Customers are isolated from one another by the use of separate AWS accounts.
- Internet-facing systems, if any, are located in a DMZ.
- Access from the DMZ to the Internal network is restricted to only the required network ports.
- All Windows servers are equipped with Anti-Virus software.
- The AWS environment is restricted to Penta Support, with MFA on the root account.
- Access to the Remote Desktop servers is limited to either routing over a VPN tunnel or from specific source IP addresses on the Internet unless an RDS SSL Gateway is being used in which case the Remote Desktop servers are publicly accessible.
- Access to the hosted environment is limited to Penta technical and support staff. Access to Administrator-type accounts is limited to key personnel only.
- Operating system patches are installed on a routine basis.
- Zabbix monitoring and performance tracking of all systems.
- Critical alerts are escalated to our on-call team member.