So what would be your worst case scenario for the future when it comes to Active Directory security?
So when I ask this question to a lot of our customers, they say one thing, total Active Directory disaster. Think of a Maersk-style takeout where not a single domain controller is left standing, not even the backups if they have them. Some of our customers actually call this the scorched earth scenario and NotPetya, the attack of 2017, is still fresh in their minds. Because when Active Directory is the lifeblood to users, files, applications, when it's not working, no one is working. So if a health care employee can't access medical records to prescribe medication or review notes before a surgery, people's lives are at risk.
So we recommend that organizations have a well-documented and a thoroughly exercised Active Directory disaster recovery plan. And this includes all of the players and the dependencies, so from the server team, the OS, network, security, and so forth. We also recommend that they take regular backups of their domain controllers and store those in a network completely separate from their Active Directory so things like WannaCry or NotPetya can't compromise those backups, as well.
We also highly recommend that organizations build out a kit that's ready and offline in the case that they have to rebuild their Active Directory system. Many of our clients actually have physical domain controllers offline and ready at DR cold sites. All of this planning for an Active Directory disaster is extremely important because compromise is not a matter of if, but when, and Active Directory needs to be an important part of any organization's business continuity plan.