Time equals profitability. ThirdWall enhances ConnectWise Automate allowing you to perform functions faster via the click of a mouse button.
Lock Down Glaring Vulnerabilities
Dangerous end users with too much privilege. Unused, often obsolete, protocols. Unauthorized software. With Third Wall™, you can lock down, enforce policies and passwords, eliminate many gaping vulnerabilities.
Stop Data Theft – from Outside or Inside
Over 50% of employees and contractors walk out with unauthorized data. Too often it is Personally Identifiable Data, Customer Information, Financials or other critical intellectual property. With Third Wall™, you can shut down the most common pathways that data thieves use – saving major headaches!
Audit-Ready Reports – Prove that You Are Protecting
You need reports, for your clients’ benefit and to help with HIPAA, PCI, SOC, ISO and other audits. Third Wall gives them to you – including a Protection Report, a Logon / Logoff Report, and even Dataviews.
EMERGENCY! ACT FAST!
When something bad happens, you need to react NOW! Third Wall gives you fast-acting tools to prevent damage and spread of malware, and to protect your critical data. Third Wall can even execute emergency actions automatically for critical situations.
Stop malware spread!
Protect lost or stolen
computers and data!
Use Third Wall to protect your environment from Ransomware
How does ransomware get in? Phishing, open protocols, piggybacking on macros, all sorts of ways. Third Wall can help you close many of those entryways. But what if it still gets in through some other opening?
Third Wall has three different policies you can (and should) use to stop ransomware.
- First, get early warning that it has buried itself using the Monitor Event Log Clearing policy. Why? Ransomware loves to bury itself so it can attack later, and always tries to cover its tracks. The most common way for it to do that? Clear the Event Log. If it does that, this policy will send you a ticket – a very big red flag for you to investigate now.
- Second, when ransomware does finally launch, it usually launches from deep within the AppData folder. By using the Disable EXE Running from %AppData% policy, you can stop that cold. It will never launch.*
- Third, if it still somehow launches, you can find out very quickly and have Third Wall automatically take mitigating actions as the attack is occurring, giving you a rapid-reaction capability you’ve never had before. Just turn on the Monitor for Ransomware Attacks policy. If an attack occurs, Third Wall will send you a ticket, and you can choose to Isolate that computer, run an AV Scan, and even protect your Shadow copies by disconnecting the infected computer from them – all virtually instantly upon detection
So – the only question is why wouldn’t you deploy this protection to every computer you have right now. Great security, easy to use, low cost. That’s Third Wall.
*DETAILS on using Disable EXE Running from %AppData% policy
With the Disable EXE Running from %AppData% policy turned on, you will also likely prevent some legitimate programs from launching from AppData as well. That’s easy to manage – just go the the Automate Dashboard, select Config > Integration > Third Wall tab to globally whitelist those programs. For further details, see our Operational Instructions.
To add to the Whitelist, you need to go to the Third Wall Integration screen, which will whitelist the EXE across your entire environment. Open the Automate Dashboard, then select the Config > Integration > Third Wall tab. On the right you will see the UI. Simply click the Add button and go from there.
A couple of important notes:
-
You cannot use wildcards when you specify the pathway; you must use the actual pathway.
- To find out which EXEs are in AppData, and what their pathways are, type in “%AppData%” into the File Explorer primary location window for any given computer. Then, type in “*.exe” into the search window of File Explorer, and it will generate a list. While we cannot guarantee that every computer will have the same exact pathway, that will be the expectation for most installations of these software packages.
ConnectWise Manage will likely require multiple files to be whitelisted, and each user of Manage will have their own pathway. Yours may vary, but here is an example of what you may see. Notice the highlighted variables, which you must fill in with actual pathway information:
%appdata%\ConnectWise\ConnectWiseCrashHandler.exe
%appdata%\ConnectWise\cache\\\\controls\Converter32.exe
%appdata%\ConnectWise\cache\\\\controls\Converter64.exe
%appdata%\ConnectWise\cache\\\\controls\cef\connectwise.exe
With v2.5 and later, you also get a new AppData whitelisting capability for a Client, which gives you the ability to scan through ALL of the computers in a Client, bring back a de-duplicated list of executable files and import those you wish to whitelist. This is easy to use and makes our protective policy all that more valuable.
Third Wall Logon Reporting
Third Wall can capture every USER logon, logoff, unlock and lock event for your entire client base, and report them by Client. Absolutely necessary for cybersecurity records – run the Report every month (yes, you can schedule it), save it, and you have a complete archive for your Clients. Plus, since we automatically pair each logon event with its corresponding logoff event, your Clients also get a great record of employee work habits. Just when was their computer unlocked (and thus someone was actually working on it)? How valuable is that information? Pretty darn valuable, we’ve discovered.
What if you want the same data in a filterable / sortable format? Just run the corresponding Dataview. Then you can always answer that nagging question that you never could before (and you know you get this question): “Was someone in the office after hours on Tuesday?” Done and done.
Emergency Action Buttons
You’ll be SO glad you have these. And you’ll wish you had them before…
Use Case #1
What do you do when one of your managed end users calls and tells you “OMG, I have a virus, what should I do now?”
Probably this:
- Tell them to “turn off your computer,” or perhaps “unplug the blue cable from the back of your computer…
- And then you send a technician on-site to fix it.
Right? Wow, that was expensive.
But with Third Wall, here’s what you’ll do:
- Go to their Third Wall Computer screen in Automate
- Click the ISOLATE button, which disconnects that one computer from everything – no network, no internet – except your Automate Server and your ScreenConnect server.
- Fix it remotely (don’t send anyone on-site)
- Reverse the ISOLATE command to reconnect the computer
- Enjoy life
Did your day just get a bit easier?
Use Case #2
One of your end-users reports a lost or stolen computer. Or perhaps a spiteful employee has just been fired. And the computer has sensitive data on it. WIsh you could wipe that computer? Here are the options you can do with Third Wall:
- Lock the screen. No credentials, no access. Quick and simple.
- Lockout users. Log everyone off. Then disable all Local accounts, leaving only the Domain credentials as viable. (this is reversible by you)
- Annihilate the computer. Use this ONLY for truly compromised computers. And you have three choices here:
- Quick Annihilate – delete data. Then destroy the computer. Fast.
- Secure Annihilate – delete data. Then write over all those deleted files 3 times, then destroy the computer. Thorough.
Think this might come in handy someday?
USB Wall
Protect your clients from data theft by employees and contractors
USB Wall gives you a tool to register USB data sticks for a Client.
Then, on Locations where you enable USB Wall, ONLY those registered data sticks will work – no other USB data storage device will even be seen by those computers. (note: currently, only data sticks can be registered.)
You can generate a Dataview of all files written to registered USB sticks, including Username, computer ID, stick ID, date/time and filename.
Your clients will have much greater protection of sensitive data.
Since over 50% of all employees and contractors with computer access steal company data, the need for a tool like USB Wall has never been greater. Loss of critical data can be disastrous for any company: client lists, financials, technical information must be protected today. And no firewall or antivirus will stop this type of data theft.
USB Wall is now available at no extra charge.
USB Wall Instructions
Lock Down Glaring Vulnerabilities
Dangerous end users with too much privilege. Unused, often obsolete, protocols. Unauthorized software. With Third Wall™, you can lock down, enforce policies and passwords, eliminate many gaping vulnerabilities.
Stop Data Theft – from Outside or Inside
Over 50% of employees and contractors walk out with unauthorized data. Too often it is Personally Identifiable Data, Customer Information, Financials or other critical intellectual property. With Third Wall™, you can shut down the most common pathways that data thieves use – saving major headaches!
Audit-Ready Reports – Prove that You Are Protecting
You need reports, for your clients’ benefit and to help with HIPAA, PCI, SOC, ISO and other audits. Third Wall gives them to you – including a Protection Report, a Logon / Logoff Report, and even Dataviews.
EMERGENCY! ACT FAST!
When something bad happens, you need to react NOW! Third Wall gives you fast-acting tools to prevent damage and spread of malware, and to protect your critical data. Third Wall can even execute emergency actions automatically for critical situations.
Stop malware spread!
Protect lost or stolen
computers and data!