Highest Rated Comments

TheWhiteZombie3 karma

If your IT infrastructure is compromised, and you are the target of a cryptolocker, how do you know which backup is a safe point to recover from?

Even with offline backups, your network could have been compromised some months before, and the foundations of the attack could still lie in an offline backup for months, how can you be certain the recovery point you are using is safe? Example, performing an authoritative restore of Active Directory from backup, or recovering some SQL database, or even file level recovery?

TheWhiteZombie2 karma

Appreciate the response, I find myself in a unique situation where we are carrying out a full infrastructure refresh from the ground up, so using this opportunity to leverage the best security practices possible for each area, network, backups, servers, etc.