Although many organizations rely on traditional data protection solutions or bare-metal recovery, those approaches will not help with AD recovery in the case of a cyber disaster. Gartner analyst Nik Simpson stated in his report “How to Protect Backup Systems from Ransomware Attacks,” that leaders focused on securing data center infrastructure should “accelerate recovery from attacks by adding a dedicated tool for backup and recovery of Microsoft Active Directory.” Without AD-specific recovery, organizations are at risk of losses in revenue, downtime, reputational damage, and litigation while they scramble to recover AD and restore access to applications and services that power business operations. Here are some of the reasons traditional backups are not adequate for recovering AD from a cyber incident:
- Potential reintroduction of malware: In the case of a cyberattack, traditional data backups might contain rootkits, ransomware or other malware
- Data loss: Malware remains latent for weeks or months before discovery, increasing the risk that malware will be restored with the backup
- Prolonged outages: Traditional data backups do not address the significant challenges of hardware setup, backup retrieval, and rebuilding AD.