The first major thing I was able to accomplish was a very unlucky serious of events that led to a ransomware attack throughout the business’s network. Due to coronavirus, the company had enabled VPN access for all employees to be able to remote into the network and access internal network resources. Unfortunately, it seems a hacker was already in the network, and it was too late for us, a currently brand-new IT department, to do anything to stop it.
The good news is what happened next. Utilizing a PowerShell script and a flash drive (since the AD was also compromised), we were able to wipe, reinstall Windows and install important apps on every computer in the business, within a week. By the next week, the business was up and running again, and thanks to good backups, we were able to get nearly all network services restored to working condition.
The fallout of this event took a couple years to fully recover from, but thankfully the business is now back to normal.