The celebration of the 15th anniversary of World Backup Day serves as a reminder for individuals and businesses to reflect on their data protection strategies and ensure their data is adequately safeguarded. Quality backup is the linchpin of business resilience, shielding against data loss and ransomware threats, and ensuring swift recovery in the face of unforeseen challenges.
Reflecting now on the massive ransomware attack against one of the largest healthcare providers a little more than one year ago, highlights the importance of cyber resiliency. As organisations face sophisticated threats growing in speed, size and accuracy, the need for robust recovery processes with reliable backups is greater than ever before.
When ransomware gangs successfully breach organisations, in 90 percent of attacks the identity system, most often Active Directory, is compromised. To significantly reduce recovery time and quickly resume normal operations, even after an attack, organisations need a dedicated Active Directory (AD) backup strategy. AD is used by more than 80 percent of businesses today as a fundamental system that both users and applications depend upon to function. But traditional backups that include AD don’t recognise AD’s special status in the enterprise and its unique recovery requirements. To quickly recover AD from a cyber disaster you need specialised, automated AD forest recovery that will return this identity system to a malware free, known secure and trusted state. Without AD-specific cyberattack recovery technology and processes, your business is at risk. AD-specific backups can speed up recovery and aid organisations in quickly returning to normal operations after a ransomware attack. What was once considered “nice to have” is now a “need to have” for organisations of all shapes and sizes around the globe.
Organisations should adopt an “assume breach” mindset and encourage them to prepare now for the inevitable. When organisations are prepared to be resilient against cyberattacks, and understand which systems are most critical to their business, they can take steps to reduce their most glaring vulnerabilities, make their infrastructure sufficiently difficult to compromise and recover much faster from a compromise. Companies should also monitor for unauthorised changes occurring in their AD environment, which threat actors use in most attacks, and have real time visibility to changes to elevated network accounts and groups.