Most organizations have no Active Directory cyber disaster recovery plan

2020-08-26 03:30

Although 97% of organizations said that Active Directory is mission-critical, more than half never actually tested their AD cyber disaster recovery process or do not have a plan in place at all, a Semperis survey of over 350 identity-centric security leaders reveals.

Exactly 33% of organizations said they have an AD cyber disaster recovery plan but never tested it, while 21% have no plan in place at all.

Active Directory recovery plan Minimize Active Directory's attack surface: Lock down administrative access to the Active Directory service by implementing administrative tiering and secure administrative workstations, apply recommended policies and settings, and scan regularly for misconfigurations - accidental or malicious - that potentially expose your forest to abuse or attack.

Monitor Active Directory for signs of compromise and roll back unauthorized changes: Enable both basic and advanced auditing and periodically review key events via a centralized console.

Implement a scorched-earth recovery strategy in the event of a large-scale compromise: Widespread encryption of your network, including Active Directory, requires a solid, highly automated recovery strategy that includes offline backups for all your infrastructure components as well as the ability to restore those backups without reintroducing any malware that might be on them.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/BXdRFODAaN4/

#activedirectory #disaster #disasterrecovery