
World Backup Day highlights need for Active Directory focus
World Backup Day serves as a pertinent reminder of the importance of data protection strategies in safeguarding business continuity against cyber threats.
Semperis has underlined the significance of World Backup Day, stressing the need for businesses to review their data backup strategies to defend against potential cyberattacks, including ransomware. The company observes that while data protection is crucial for all, a laser-focused approach to Active Directory (AD) backup is now essential for operational recovery following a cyberattack.
Sean Deuby, Principal Technologist at Semperis, reflected on the lessons learned from a major ransomware attack on a healthcare provider over a year ago. He emphasised the increasing sophistication of cyber threats and the imperative for robust recovery processes. "Quality backup is the linchpin of business resilience, shielding against data loss and ransomware threats, and ensuring swift recovery in the face of unforeseen challenges," Deuby stated.
The commentary from Semperis notes that in approximately 90 percent of ransomware attacks the identity system is compromised, with Active Directory often the target. Given AD's role as a fundamental system in business technology infrastructures, a dedicated AD backup strategy is strongly advised. Deuby noted, "To significantly reduce recovery time and quickly resume normal operations, even after an attack, organisations need a dedicated Active Directory (AD) backup strategy."
Further detailing the intricacies of AD's recovery needs, Deuby highlighted that traditional backup methods do not adequately cater to AD's "special status", as businesses predominantly use it for both user and application connectivity. The commentary calls for specialised, automated AD recovery tools to ensure the system returns to a secure state, uninfected by malware.
Semperis further advocates for organisations to adopt an "assume breach" mindset, suggesting readiness to face breaches is essential. By understanding critical systems and reducing vulnerabilities, organisations can make their infrastructure more secure. "When organisations are prepared to be resilient against cyberattacks, and understand which systems are most critical to their business, they can take steps to reduce their most glaring vulnerabilities, make their infrastructure sufficiently difficult to compromise and recover much faster from a compromise," Deuby said.
Additionally, real-time monitoring of unauthorised changes in the AD environment is suggested as a preventive measure against cyber threats. Such measures ensure changes to network accounts and groups are visible, which can mitigate potential damage from attackers.
The observations shared by Semperis highlight growing concerns over data integrity and reinforce the necessity for proactive data protection strategies in modern business environments to minimise disruptions caused by cyber threats.