Forget the Tax Man: Time for a DNS Security Audit

Here's a 5-step DNS security review process that's not too scary and will help ensure your site availability and improve user experience.

Already have an account?

The DDoS attack against DNS provider Dyn that took out large swaths of the Internet put a million-candle spotlight on the issue of the availability, and proved that proper DNS management is not just an IT issue, but a security mandate as well. Maintaining website availability and preventing revenue loss from associated outages depends upon good DNS hygiene, maintenance, and control.

DNS tends to be a set-and-forget type of technology... and that can pose problems several years after everything has been forgotten, according to Chris Roosenraad, director of product management for DNS service at Neustar.

[Check out "Protect Your DNS Services Against Security Threats" during Interop ITX, May 15-19, at the MGM Grand in Las Vegas. To learn more about DNS security, other Interop security tracks, or to register, click on the live links.].

Roosenraad -- who has more than two decades of security, networking and public policy expertise, having previously developed the DNS architecture for Charter Communications and Time Warner Cable -- says that DNS audits sound more foreboding than they actually are. This is not necessarily some big, scary compliance activity. It is just a way of accounting for all of the DNS infrastructure configuration to ensure that things haven't gotten out of sync with changing business realities. 

"It's just a process of taking some away from the 30 other multitasking things that we all have in front of us to sit down and say, 'Is this what I really want my Internet presence to be?'" he says.

How to begin the process? Here are five essential steps to conducting a successful DNS audit. 

About the Author

Ericka Chickowski, Contributing Writer

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights