Active Directory: Cyber Disaster Recovery Plan

Active Directory cyber disaster recovery plan – do you have one?

September 16, 2020 10:09 am | Published by

Active Directories are critical

Most organizations say that Active Directory (AD) is mission-critical. But, more than half of them have never actually tested their AD cyber disaster recovery process or have a (crisis) plan in place at all.

The expanded work-from-home environment makes organizational identity a priority and increases the attack surface relative to Active Directory.

When considering the necessity of a cyber disaster recovery plan, we come up with the following hypotheses:

  • AD outages have a serious business impact. AD is mission-critical to the business. That means that an AD outage would be significant, severe or catastrophic.
  • AD recovery failure rate is high.
  • AD recovery processes remain largely untested.
  • AD recovery and the lack of testing being the number one concern to many organizations. Today’s cloud-first, mobile-first world, dependency on Active Directory is rapidly growing and so is the attack surface, understanding the importance of AD, and securely managing it. Particularly as they support an expanding ecosystem of mobile workers, cloud services, and devices.

Most of all, a true fact is, that AD has become a prime target for widespread cyber attacks that have crippled businesses.

 

Active Directory recovery plan

The best way to prevent an AD attack and keep damage at a minimum is to set up an Active Directory recovery plan:

  • Minimize the attack surface: Lock down administrative access to the Active Directory service.
  • Monitor Active Directory for signs of compromise and roll back unauthorized changes.
  • Widespread encryption of your network, including Active Directory, requires a solid, highly automated recovery strategy. That includes offline backups for all your infrastructure components as well as the ability to restore those backups without reintroducing any malware which may get on them.

 

If further information is required please contact Ravi Sankar, Head of Security & Compliance at ITSDONE.

Tags: , ,

This post was written by Ravi Sankar