kreizihorse - Fotolia

Most UK businesses in the dark about crucial DNS infrastructure

Most UK businesses have little visibility or control over their DNS servers and services even though they are a key component of businesses’ infrastructure and security profile

The domain name system (DNS) is used by every business on the internet, and yet few have any idea of visibility or control over DNS performance, a study has revealed.

Some 92% of UK businesses have limited visibility of the impact of DNS performance on their internet users and visitors to their websites and other online resources, according to report by independent analysis firm Quocirca commissioned by communications and analysis firm Neustar.

Only 8% of companies polled claim to have full visibility across all areas of DNS, including frequency of dropped requests, cache poisoning, latency and overall load on DNS infrastructure, rendering it impossible to ensure a consistent service to internal and external internet users.

That is despite the fact that DNS is a business’s digital identity and, as such, probably the most crucial component of their security profile, according to security experts.

“2016’s Dyn DNS hack showed that DNS is an underdog – everyone relies on it, but it does not receive much love,” said Vladimir Jirasek, managing director of Jirasek Security

The report, entitled Winning the domain game: the business case for a specialist DNS provider, is based on interviews with 100 senior IT decision makers at UK-based businesses in a variety of sectors and presents UK-focused research into how businesses are provisioning DNS servers and services in the interests of both their internal and external internet users.

DNS is a fundamental utility supporting the internet and relied on by all businesses, but visibility is hampered by complexity with 45% of organisations having as many as 8 different ways of provisioning their DNS infrastructure, Quocirca found.

When complexity starts to prevent the delivery of efficiency and security benefits, the reports said businesses need to sit up and take notice.

“The internet is now a core utility for all businesses, as essential as electricity and water supply. However, unlike these utilities, internet use is bi-directional; outward, for employees and other internal users to engage with the world, and inward for customers and other visitors to find an organisation’s online resources,” said Bob Tarzey, analyst and director at Quocirca.

“The internet is also reliant on its own fundamental utility, the domain name system or DNS, which – at its most basic – is an address book which matches websites to internet protocol (IP) addresses.

“Our research reveals that many organisations have yet to realise that DNS can be so much more than that; sitting on the frontline in the online security battle, maximising use of backend resources, ensuring governance and providing a rich source of data for marketing teams,” he said.

Read more about DNS security

  • Know the business risks of using the internet.
  • Top three DNS-related security risks.
  • Business should arm against rise in DNS server attacks.
  • Add risk of DNS attack to the business continuity plan.
  • Use DNS proxy services to bolster security.

Another key finding of the study is that 61% of organisations suffer from internet performance issues while 72% suffer regularly from at least one of 6 critical issues that affect website and application availability, including distributed denial of service (DDoS) attacks, network access issues and web server downtime. All of these “internet problems” are potentially DNS-related, the report said.

Although 89% of respondents claim to be using a specialist DNS service provider, just 15% have committed to using it for both internal and external DNS purposes to provide advanced features such as mitigation against DDoS attacks, reducing infrastructure load and central management tools to improve visibility.

With so few benefiting from advanced features, the report said it would suggest a lack of knowledge about the value add that can be provided via DNS, and what could be achieved by using a specialist DNS service provider.

Drawbacks of an unfocused DNS approach

The report found that the majority of organisations use internet service providers (ISPs), managed hosting providers and internet registrars as way of provisioning some of their DNS needs. Such suppliers provide DNS services as a spinoff from the other things they do.

On the other hand, 92% of organisations polled maintain some in-house DNS capability to cover recursive DNS (for internal internet users) and/or authoritative DNS (for external internet users) requirements.

However, the report said this unfocused approach to DNS management has its drawbacks. According to the report, advanced DNS provision and management, as performed by a specialist DNS service provider, can deliver a number of valuable features to address these issues and provide significant value-add for businesses.

“DNS has been called the most important part of the internet that people don’t know about and it is time IT managers woke up to what a professional DNS service can deliver to business,” said Rodney Joffe, senior vice-president and fellow at Neustar.

“As the report highlights, DNS can be so much more than a website address directory. Provisioned correctly, by a reputable specialist DNS service provider, it can defend the frontline in the fight against cyber attacks and more,” he said.

“Specific DNS attacks include: re-routing traffic to another website to steal credentials or deploy malware; capturing traffic to steal personal or private data; injecting adverts, popups or redirects for financial gain; and redirecting corporate websites to activist or protest sites,” said Alex Ayers is co-founder and consulting director at Turnkey Consulting. “Controlling DNS determines what people see and where their data goes.”

Read more on Network security management