Hi! My name is Will.
As an IT professional, I understand better than most how important it is to protect your domain name system but many businesses aren’t aware of how to achieve this or where to begin to ensure that their DNS is properly protected. If you’re looking to secure your DNS, keep these five must-ask questions in mind as you look for a proper security option.
1) How many requests does your recursive DNS resolve per day?
Since there is too much good and too little bad traffic to warrant adding DNS logs into a security information and event management system, and exporting logs and cutting in data from multiple sources is burdensome, even if you overcome aggregation issues, you’re viewing thousands of hostnames with no context making it impossible to aggregate this data without implementing a proper DNS security tool.
2) What does irregular DNS traffic look like?
Even if you allocate resources to constantly monitor and dissect your DNS logs, it’s highly unlikely you’ll identify and mitigate an intrusion before it inflicts damage. This is because your company’s sample size is too small to identify Internet-wide trends and threats, which is why many employ a cloud service. The more traffic and intelligence you view in aggregate, the easier it becomes to flag irregular DNS traffic.
3) Do you know that recursive DNS can be used to exfiltrate data from your enterprise?
Through this DNS tunneling, bad actors can exfiltrate financial records, social security numbers, credit card information, intellectual property, and other sensitive data, and understanding this innate vulnerability becomes even more vital when you consider the growing mobility of today’s workforce. All it takes is one compromised device reconnecting to your corporate network to unleash malware that facilitates data exfiltration across your enterprise.
4) Can you apply the policy to block malicious activity across your entire company in seconds?
If you can’t answer yes to this question, it’s beneficial to keep in mind that a cloud-based solution allows for configuration and deployment in minutes with no hardware or software and can be managed from anywhere, pushed everywhere, and enforced unilaterally almost instantaneously.
5) Is DNS part of your layered security system?
As every web request from the enterprise begins with DNS, it’s the perfect control point to secure company-wide visibility into web requests and apply your security policy. Recursive DNS is an often forgotten attack vector, but with ever-evolving malware and growing financial incentives for hackers, you must reinforce this vulnerable back door.
Proactively protecting your recursive DNS from targeted threats is imperative but becomes much easier to achieve and maintain when you implement a proper DNS security tool at your organization.
If you want to learn more must-ask questions about DNS, click the link below for more information.