Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Why you need to care more about DNS

Mary Branscombe | July 16, 2015
When you say Domain Name System (DNS), you might think, naturally enough, of domain names and the technical details of running your Internet connection. You might be concerned about denial of service attacks on your website, or someone hijacking and defacing it.

That's not just PCs either, he points out; printers and televisions and IoT devices are increasingly connecting to your business network. "Do I want my TVs phoning home? If you look at the Samsung privacy policy, it says the TV has a microphone that might be listening at any time; do I really want that in the corporate boardroom? Maybe I want to apply DNS policies so my TVs can't phone home."

Infoblox's Liu agrees. "IoT devices are often not designed with a lot of security in mind. You want to make sure devices are connecting where they should be and that if someone throws something else onto your IoT network they can't access your internal network. DNS is a useful place to monitor and control that access."

And because you're already using DNS, monitoring it isn't disruptive, Ulevitch points out. "Usually in security, the reason most things aren't used is the effort needed to make sure they don't have a detrimental effect on user performance."

In fact, you need a good reason not to be doing this, he says. "There are fundamental best practices in security and one of them is network visibility. Not being able to see the traffic on your network means you're flying blind. Finding a way to inspect DNS traffic is a fundamental requirement of a strong security posture. To not know what's happening on your network is borderline derelict."

 

Previous Page  1  2  3  4 

Sign up for CIO Asia eNewsletters.