
BSides Paris 2024

Best Practices for Resynchronizing AD and Entra ID After Forest Recovery

Par Jorge de Almeida Pinto

Session in English

With cybercrime on the rise, ransomware attacks that target Active Directory (AD), the primary identity store for most businesses worldwide, are as common as a cup of coffee. If, like many organizations today, you have a hybrid identity environment that combines AD with Entra ID (formerly known as Azure AD), are you prepared for the worst-case scenario? If your AD were burned to the ground, you hopefully have (at a minimum) backups from which to perform a forest recovery.

But what then? After assessing the security of your AD and mitigating any (critical) risks (you plan to do this, right?), do you simply reconnect and allow synchronization to occur between AD and Entra ID, or do you perform a gap analysis first? Knowing which precautionary measures to take to minimize damage within Entra ID (i.e., impact on user experience and data loss) is of utmost importance!

In this session, we will discuss what the problem is, explain how to perform a gap analysis, and show how to close any gaps it reveals before reconnecting AD and Entra ID and enabling synchronization. Last but not least, we will also explain the differences between using Entra Connect Sync (formerly known as Azure AD Connect Sync) and Entra Cloud Sync (formerly known as Azure AD Cloud Sync) in this scenario.


• Learn the basic next steps to take after a forest recovery
• Learn which backup to choose and why
• Learn the steps to perform a gap analysis
• Learn the steps to remediate impact
• Learn how to use Entra Connect Sync or Entra Cloud Sync in a scenario like this
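The core of the gap analysis described above is a comparison of the restored forest against what Entra ID currently holds, keyed on the source anchor that Entra Connect uses to match objects (onPremisesImmutableId in the cloud, the Base64 encoding of mS-DS-ConsistencyGuid / objectGUID on-prem). The script below is an added example, not material from the talk or from Semperis: it implements that comparison in PowerShell, flags the three classes of gap that matter after restoring from an older backup (cloud objects whose anchor no longer exists on-prem and would therefore be deleted by the first export, on-prem objects with no cloud counterpart, and matched objects whose attributes have drifted), and runs on constructed sample records so it can be executed without a domain. The Get-ADUser and Get-MgUser calls that would populate the inputs in production are real cmdlets but are shown commented out; the user names, GUIDs and domain are invented.

```powershell
# Added example (not from the talk): gap analysis between a restored AD forest and Entra ID
# before synchronization is re-enabled. Sample data below is constructed; the production
# queries are in the comments near the bottom.
#
# Entra Connect matches a cloud object to an on-prem object via the source anchor:
# onPremisesImmutableId == Base64(mS-DS-ConsistencyGuid), which by default equals objectGUID.
# Objects restored from backup keep their GUID, so matching survives a forest recovery; objects
# created after the backup was taken do not exist on-prem anymore and look like deletions.

function ConvertTo-ImmutableId {
    # Same encoding Entra Connect uses for the anchor: Base64 of the GUID's 16 raw bytes.
    param([Parameter(Mandatory)][guid]$Guid)
    [Convert]::ToBase64String($Guid.ToByteArray())
}

function Get-HybridIdentityGap {
    param(
        [Parameter(Mandatory)][object[]]$AdUsers,    # need ObjectGUID and UserPrincipalName
        [Parameter(Mandatory)][object[]]$EntraUsers  # need OnPremisesImmutableId and UserPrincipalName
    )
    $adByAnchor = @{}
    foreach ($u in $AdUsers) { $adByAnchor[(ConvertTo-ImmutableId $u.ObjectGUID)] = $u }

    # Cloud-only accounts have no anchor and are never touched by sync, so they are skipped.
    $cloudByAnchor = @{}
    foreach ($u in $EntraUsers) {
        if ($u.OnPremisesImmutableId) { $cloudByAnchor[$u.OnPremisesImmutableId] = $u }
    }

    # 1. Synced cloud objects whose anchor no longer exists on-prem: the first export after
    #    reconnecting would delete them (or trip the export deletion threshold).
    $orphanedInCloud = foreach ($k in $cloudByAnchor.Keys) {
        if (-not $adByAnchor.ContainsKey($k)) { $cloudByAnchor[$k] }
    }
    # 2. On-prem objects with no synced counterpart: sync will create them as new cloud objects.
    $missingInCloud = foreach ($k in $adByAnchor.Keys) {
        if (-not $cloudByAnchor.ContainsKey($k)) { $adByAnchor[$k] }
    }
    # 3. Matched objects where the restored (older) on-prem value would overwrite a newer
    #    cloud value. UPN is checked here; extend to mail, proxyAddresses, etc. as needed.
    $attributeDrift = foreach ($k in $adByAnchor.Keys) {
        if ($cloudByAnchor.ContainsKey($k) -and
            $adByAnchor[$k].UserPrincipalName -ne $cloudByAnchor[$k].UserPrincipalName) {
            [pscustomobject]@{
                ImmutableId = $k
                AdUpn       = $adByAnchor[$k].UserPrincipalName
                EntraUpn    = $cloudByAnchor[$k].UserPrincipalName
            }
        }
    }
    [pscustomobject]@{
        OrphanedInCloud = @($orphanedInCloud)
        MissingInCloud  = @($missingInCloud)
        AttributeDrift  = @($attributeDrift)
    }
}

# --- Constructed sample data standing in for the real queries ---
# In production, from a host with RSAT and the Microsoft.Graph module (both cmdlets are real):
#   $AdUsers    = Get-ADUser -Filter * -Properties ObjectGUID, UserPrincipalName
#   $EntraUsers = Get-MgUser -All -Property UserPrincipalName,OnPremisesImmutableId,OnPremisesSyncEnabled |
#                 Where-Object OnPremisesSyncEnabled
# If mS-DS-ConsistencyGuid has been populated with a value other than objectGUID, feed that
# attribute to ConvertTo-ImmutableId instead.
$g1 = [guid]'11111111-1111-1111-1111-111111111111'
$g2 = [guid]'22222222-2222-2222-2222-222222222222'
$g3 = [guid]'33333333-3333-3333-3333-333333333333'  # created after the backup: absent from the restored forest

$AdUsers = @(
    [pscustomobject]@{ ObjectGUID = $g1; UserPrincipalName = 'alice@contoso.example' }
    [pscustomobject]@{ ObjectGUID = $g2; UserPrincipalName = 'bob.old@contoso.example' }  # renamed after the backup
)
$EntraUsers = @(
    [pscustomobject]@{ OnPremisesImmutableId = (ConvertTo-ImmutableId $g1); UserPrincipalName = 'alice@contoso.example' }
    [pscustomobject]@{ OnPremisesImmutableId = (ConvertTo-ImmutableId $g2); UserPrincipalName = 'bob@contoso.example' }
    [pscustomobject]@{ OnPremisesImmutableId = (ConvertTo-ImmutableId $g3); UserPrincipalName = 'carol@contoso.example' }
    [pscustomobject]@{ OnPremisesImmutableId = $null; UserPrincipalName = 'cloudonly@contoso.example' }  # cloud-only, ignored
)

$gap = Get-HybridIdentityGap -AdUsers $AdUsers -EntraUsers $EntraUsers
"Synced cloud objects with no on-prem anchor (would be deleted on export): $($gap.OrphanedInCloud.Count)"
$gap.OrphanedInCloud | Format-Table UserPrincipalName, OnPremisesImmutableId
"On-prem objects with no synced counterpart: $($gap.MissingInCloud.Count)"
"Attribute drift (restored on-prem value would overwrite cloud): $($gap.AttributeDrift.Count)"
$gap.AttributeDrift | Format-Table
```

With the sample data, carol shows up as orphaned in the cloud and bob as attribute drift, which is exactly the kind of finding to remediate (recreate carol on-prem with the cloud anchor written to mS-DS-ConsistencyGuid, or accept the deletion; fix bob's UPN on-prem) before the first sync cycle. Two practical checks follow from the orphan count: Entra Connect Sync refuses an export that would delete more objects than its deletion threshold (500 by default; see Get-ADSyncExportDeletionThreshold), and Entra Cloud Sync has an equivalent accidental-deletion threshold. Treat a tripped threshold as a signal that the gap analysis is incomplete, not as something to switch off.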

Jorge de Almeida Pinto

Jorge de Almeida Pinto, a Semperis Solutions Architect and Senior Incident Response Lead, helps customers, both proactively and reactively, to become and remain secure.

He has been a Microsoft MVP since 2006, and has a specific focus on designing, implementing, securing and recovering Microsoft Identity & Access Management (IAM) technologies.
Throughout the years, his experience includes work with Active Directory (AD), Active Directory Federation Services (ADFS), Microsoft Entra ID (EID) (a.k.a. Azure Active Directory), Entra Connect/Cloud Sync, Microsoft Identity Manager (MIM), and developing (security-related) scripts.

Big thanks

Our 2024 sponsors

Organizing this first edition of BSides Paris would be impossible without the support of our partners.

Are you part of the cybersecurity community and would you like to sponsor BSides Paris? Contact us!