Month: August 2020

VPLS Inc. 5000

VPLS Ranks No. 3918 on the 2020 Inc. 5000 List With Growth of 90.24%

VPLS Ranks No. 3918 on the 2020 Inc. 5000 List With Growth of 90.24%

Published

Written by

Filed under

Inc. magazine today revealed that VPLS is No. 3918 on its annual Inc. 5000 list, the most prestigious ranking of the nation’s fastest-growing private companies. The list represents a unique look at the most successful companies within the American economy’s most dynamic segment—its independent small businesses. Intuit, Zappos, Under Armour, Microsoft, Patagonia, and many other well-known names gained their first national exposure as honorees on the Inc. 5000.

"We are proud to be honored on the Inc. 5000 list. In the past year alone, VPLS’s team has nearly doubled and we have significantly expanded our cloud-to-edge service offerings. VPLS is proudly supporting more clients than ever along their IT journeys, and we thank all of our loyal customers, talented employees, and dedicated partners for making this achievement possible.”

Not only have the companies on the 2020 Inc. 5000 been very competitive within their markets, but the list as a whole shows staggering growth compared with prior lists as well. The 2020 Inc. 5000 achieved an incredible three-year average growth of over 500 percent, and a median rate of 165 percent. The Inc. 5000’s aggregate revenue was $209 billion in 2019, accounting for over 1 million jobs over the past three years.

“The companies on this year’s Inc. 5000 come from nearly every realm of business,” says Inc. editor-in-chief Scott Omelianuk. “From health and software to media and hospitality, the 2020 list proves that no matter the sector, incredible growth is based on the foundations of tenacity and opportunism.”

Read More from this Author

VPLS-CRN Fast Growth Banner 1200x628

VPLS named to the 2020 CRN® Fast Growth 150 List

VPLS named to the 2020 CRN® Fast Growth 150 List

Earlier this year, VPLS also ranked on the 2020 CRN Top 500 Solutions Provider list

Published

Written by

Filed under

We are proud to announce that CRN®, a brand of The Channel Company®, has named VPLS to its 2020 Fast Growth 150 list. Each year, CRN® recognizes the fastest-growing technology integrators, solution providers, and IT consultants across North America for the substantial growth and performance they’ve achieved over the previous two years. The elite group of companies named to this year’s list have generated a combined total revenue of more than $37.8 billion between 2018 and 2019.

VPLS is honored to once again be recognized for our exceptional growth. Our employees are passionate about providing best-in-class service and IT solutions that support our global clients and address their business needs. Now more than ever, this dedication has been critical in developing and maintaining successful, productive relationships with our clients and partners. This recognition by CRN underscores the consistent efforts and diligence of our employees, and I congratulate the entire team for their outstanding work

Today’s solution providers vie for market share within the highly competitive, fast-paced IT channel, making sustained growth and profitability noteworthy achievements. Ranking within the top 150 requires companies to continuously evolve with the seismic shifts taking place within the marketplace. The 2020 Fast Growth 150 list recognizes these companies’ extraordinary accomplishments and dedication to the IT channel.

“Evolution within the IT ecosystem is occurring at breakneck speed. The CRN® 2020 Fast Growth 150 list highlights the achievements of elite industry-leading companies in the IT channel and their ability to innovate in an ever-changing market,” said Blaine Raddon, CEO of The Channel Company®. “The extraordinary group of companies on this year’s list serve as an inspiration, setting an exemplary level of excellence for us to follow. We are excited to honor these industry leaders and wish them continued success in the years to come.”

Read More from this Author

VPLS Ransomware Prevent Banner 1200x628

How to Prevent Ransomware – A Technical Checklist

How to Prevent Ransomware – A Technical Checklist

Published

Written by

Filed under

Unfortunately, there is no single solution to prevent ransomware or stop the spread once it has infiltrated your network; a defense in depth approach must be used. Below is a comprehensive, but not exhaustive, list of technical and administrative controls that can be used in your business’ defense against ransomware.

Your Ransomware Technical Checklist

Employee Training

Security Awareness Training

Source: KnowBe4

According to the Sophos May 2020 report, the most common attack vector for ransomware is email, with infection occurring from a user unknowingly clicking on a malicious link or attachment. Before focusing on email security (our next recommendation on this checklist), security awareness training is imperative to decrease the odds that your workforce falls for common social engineering tactics employed by attackers.

With simulated phishing attacks on your employees, ransomware simulation, domain spoof testing, and more, good security awareness training programs go far beyond than just presenting a boring slideshow to your employees, and will leave your workforce much more cautious and prepared to defend themselves against these clever attacks.

VPLS Recommends: KnowBe4

Email Security

Secure Email Gateway

As we discussed above, email is statistically the most likely threat vector for ransomware and therefore one your organization should not take lightly. Major email providers, such as Office 365, do offer some level of threat prevention built into their platform, but data shows administrators are not confident in the capabilities of this included protection. Secure email gateways offer a more complete list of protection mechanisms to thwart the ever-changing techniques employed by modern day attackers, as well as providing better visibility to any incidents that may occur.

VPLS Recommends: Proofpoint Essentials

How Proofpoint Helps

Zero-Day Threat Prevention (Sandboxing)

Of the assortment of comprehensive protection features offered by secure email gateways, ensure that your solution includes both attachment and URL sandboxing. Sandboxing is the solution for zero-day ransomware threats that can bypass normal filters. Files and URLs are automatically scanned using a cloud-based or on-prem sandbox environment, allowing full execution and analysis of the attachment or URL to ensure no bad behavior will occur once the attached has been opened or the URL visited.

VPLS Recommends: Proofpoint Essentials (email only) or FortiSandbox(standalone/multi-source)

Endpoint Security

Endpoint Detection & Response (EDR)

We discuss the what and why of EDR in our 5-minute primer on EDR, but the crux is that traditional endpoint protection is not good enough to protect against sophisticated threats like ransomware. A modern endpoint detection and response solution is what will enable both protecting the host from getting infected in the first place (pre-infection protection), as well as detecting an infection has occurred and handling the threat if it infiltrates the computer (post-infection protection).

The ability to detect and defuse ransomware, as well as automatic playbooks for responding and remediating the infection are critical to ensure one infected host does not compromise the rest of your corporate assets.

VPLS Recommends: FortiEDR via VPLS’s Managed Detection & Response (MDR) Service

Zero Trust Network Access (ZTNA)

Next-Gen Firewall

For protecting both on-prem and remote corporate users and company assets, a next-gen firewall is critical to ensure you have the detailed visibility and granular policy enforcement required to protect a network environment from ransomware. The old days of creating policies using just IP addresses and port numbers alone are gone, as a next-gen firewall has the intelligence to allow layer 7 application filtering and granular network access based on user ID or user group, regardless of their IP address or port numbers.
FortiGate Next Gen Firewall 1199x501

In addition to smarter policies, a next-gen firewall will commonly come equipped with things like IPS/IDS, network-level antivirus, web content filtering, DNS filtering, and SSL inspection, which when configured with ransomware in mind, will ensure that you notice and block even the most elusive indicators of attack (IOA) and indicators of compromise (IOC).

VPLS Recommends: Fortinet FortiGate via VPLS’s Managed Firewall Service

SSL Deep Packet Inspection

Commonly overlooked or put at the bottom of a firewall admin’s to-do list, SSL deep packet inspection, also known as SSL decryption, allows a next-gen firewall to inspect the payload of encrypted traffic being sent to and from corporate assets. This is important because without SSL deep packet inspection, ransomware hiding in encrypted payloads will not be caught by the next-gen firewall. Additionally, since many next-gen firewall features will not function or will only function partially, like IPS/IDS and network-level antivirus, you may miss out on key indicators of attack (IOA) and indicators of compromise (IOC) that you would otherwise have visibility into.

VPLS Recommends: Fortinet FortiGate via VPLS’s Managed Firewall Service

SSL Security Profile 608x215

Internal Network Segmentation/Microsegmentation

All next-gen firewall deployments are not created equal. “Flat networks” of yesteryear allow unrestricted lateral movement of ransomware once a computer becomes infected. Internal network segmentation solves this issue by putting devices in different segments based on device type. With the next-gen firewall as the L3 gateway, you can apply the same layer 7 and user-based policies to even your internal-to-internal traffic, not just for traffic leaving the network edge.
Internal Segmentation Example 843x510

Microsegmentation takes this internal network segmentation one step further and allows you fine-grained control to police the traffic between devices that are a part of two internal segments or even the same internal segment. This can be achieved by creating policies based on user identity and/or deploying an endpoint-level application firewall on the hosts themselves.

VPLS Recommends: Fortinet FortiGate via VPLS’s Managed Firewall Service + FortiSwitch via VPLS’s Managed Network Service

Network Access Control (NAC)

Whether your users are on-prem or remote, one computer infected with ransomware is all it takes to begin a chain reaction that will quickly bring your business to a halt. In conjunction with your next-gen firewall and the internal network segmentation deployment topology, NAC should be in place to facilitate dynamic network access control, which ensures only trusted corporate devices will automatically get placed in an appropriate internal network segment and have access to sensitive resources. Other guest and BYOD devices should be isolated and placed on a restricted network.

After the NAC solution dynamically allows access based on device trust, endpoint compliance should also be continually evaluated. If the host does not meet compliance requirements, such as if the host becomes infected, does not have antivirus running or it is out of date for too long, or the host does not have the latest OS patches installed, the host should be moved to a restricted quarantine or remediation VLAN until the missing criteria is met.

Remote users aren’t excluded here—NAC and endpoint compliance can and should be enforced for users before allowing them to connect to the corporate VPN.

VPLS Recommends: Fortinet FortiNAC

Security Information & Event Management (SIEM)

SIEM

A defense in depth approach to cybersecurity provides thorough protection against ransomware, but it also provides a thorough amount of something else—logs! Not only will many logs be generated from these various systems we have talked about, but your team must devise an efficient method to parse through the logs, pull out key information, and alert IT personnel about security events that are occurring to ensure your business has a firm grasp of the activity occurring in the network environment.
AlienVault-SIEM 692x347

Enter the SIEM. A SIEM solves the complex problem of aggregating logs from multiple sources and performing event correlation. The logs and real-time diagnostic data from all of your endpoints and network equipment allow the SIEM to intelligently zero in on suspicious or malicious activity and send appropriate alerts to your staff in real-time. SIEMs typically also include vulnerability scanning capabilities, cloud monitoring, host-based IDS, and an assortment of other complementary components too, providing your security team with even more powerful analytics and response capabilities at their fingertips.

VPLS Recommends: AlienVault via VPLS’s Managed SOC Service

Business Continuity

Offsite Backups & Disaster Recovery

When it comes to ransomware, a prepared business should always plan for the worst-case scenario—infection, data being held at ransom, and business grinding to a halt. In this unfortunately common doomsday scenario, having offsite backups protected from infection, as well as a dependable disaster recovery plan, can exponentially decrease financial loss and ensure your business gets back up and running within minutes.

VPLS Recommends: VPLS’s Backup as a Service (BaaS) and Disaster Recovery as a Service (DRaaS)

Backip DRaas 700x437

My checklist is complete; now what?

The checklist above contains truly business-saving technical controls that can be used to enhance your business’ security posture and increase its defenses against ransomware. However, as mentioned at the beginning of this post, this list is not exhaustive, and many things were left out from this checklist for the sake of brevity—mobile device management (MDM), cloud access security broker (CASB), browser isolation, and user entity and behavior analytics (UEBA), just to name a few.

The fight against ransomware never stops, and whether you want to discuss the items mentioned in this checklist, or are ready to explore what’s next, VPLS is here to help.

Read More from this Author

Scroll to Top