In this report, Gartner gives IT pros strategies for secure recovery of critical applications infected with ransomware. One of these key applications is Active Directory.
Gartner states: “Attacks on Active Directory are a feature of many ransomware attacks with attackers gaining control to the extent that they can create new privileged accounts at will. Failure to recover and secure Active Directory systems as a first step in recovery will leave the entire IT environment vulnerable to new attacks.”
Among the key recommendations in this report includes investing in dedicated tools for Active Directory recovery. Gartner states, “Prioritize recovery and cleaning of Active Directory by maintaining regular backups of it and practicing the procedures required to restore Active Directory. If possible, invest in dedicated tools for Active Directory recovery as the Microsoft tools and procedures along with the limited capabilities of enterprise backup tools are often not fit for purpose.”
These recommendations align with 2022 Gartner ® Report “Implement IAM Best Practices for Active Directory” report, which states: “A dedicated backup tool for AD will be of great help in case of a successful ransomware attack.” In this 2022 report, Gartner lists Quest as an example vendor for AD backup and recovery.
Enjoy complimentary access to Gartner recommendations for responding to ransomware attacks by downloading your copy here.