Restore vs. Rebuild — Strategies for Recovering Applications After a Ransomware Attack
In this report, Gartner gives IT pros strategies for secure recovery of critical applications infected with ransomware. One of these key applications is Active Directory.
Gartner states: “Attacks on Active Directory are a feature of many ransomware attacks with attackers gaining control to the extent that they can create new privileged accounts at will. Failure to recover and secure Active Directory systems as a first step in recovery will leave the entire IT environment vulnerable to new attacks.”
Among the key recommendations in this report includes investing in dedicated tools for Active Directory recovery. Gartner states, “Prioritize recovery and cleaning of Active Directory by maintaining regular backups of it and practicing the procedures required to restore Active Directory. If possible, invest in dedicated tools for Active Directory recovery as the Microsoft tools and procedures along with the limited capabilities of enterprise backup tools are often not fit for purpose.”
These recommendations align with 2022 Gartner ® Report “Implement IAM Best Practices for Active Directory” report, which states: “A dedicated backup tool for AD will be of great help in case of a successful ransomware attack.” In this 2022 report, Gartner lists Quest as an example vendor for AD backup and recovery.
Enjoy complimentary access to Gartner recommendations for responding to ransomware attacks by downloading your copy here.
Gartner, Restore vs. Rebuild — Strategies for Recovering Applications After a Ransomware Attack, Nik Simpson, Ron Blair, 2nd March 2022
Gartner, Implement IAM Best Practices for Your Active Directory, Paul Rabinovich,14th March 2022
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.