DNS servers deliver critical services to businesses such as Internet visibility for customers, partners and employees – and external access to network applications and other important services such as email.
[easy-tweet tweet=”Businesses should deploy #cloud #DNS security alongside on premise solutions to create a hybrid environment”]
Because of the fundamental role they play in IT infrastructure, DNS servers are exposed to Internet-based attacks and therefore must be secure at all times. Losing email service or Internet connectivity due to attacks could significantly impact a business’ profitability.
An IDC survey conducted in June 2014 revealed that 72 per cent of respondents had been the target of a DNS attack in 12 months, and as a result, 45 per cent were impacted by downtime, 36 per cent reported loss of business, and 40 per cent had intellectual property stolen.
Cyber incidents rose by 38 per cent last year[1] and are only expected to increase over the course of 2016. So what can be done about this?
The DNS service is one of the most crucial IT services of any company. It delivers critical services and is of the utmost importance to ensuring business continuity and should be a vital part of any global company’s security plan. But so far, existing solutions such as firewalls or generic anti DDoS systems have only demonstrated their inability to protect mission-critical DNS services. Hackers have many different objectives and will use any vulnerability to attack, causing interruption to a business’ activity, corrupting data, or worse – both.
DNS attacks are becoming more and more sophisticated and organisations must stay ahead of the threats using security solutions that can protect against a range of attacks.
An IDC survey conducted in June 2014 revealed that 72 per cent of respondents had been the target of a DNS attack in 12 months, and as a result, 45 per cent were impacted by downtime
The best approach for businesses is to deploy cloud-based DNS security alongside on premise solutions to create a hybrid environment for even greater resilience, performance and protection. Hybrid cloud architectures offer reliable and scalable solutions that allow businesses to manage the DNS server in-house and the domain name in the cloud. They also offer an established infrastructure with multiple points of access to achieve 100 per cent availability of DNS servers from a single management console. It’s industry best practice to not rely on one technology to limit single point of failure, so organisations need to understand practices when building DNS architectures. By doing so, it ensures access to network applications and other indispensable services such as email are never lost.
With the right management tool, cloud-based DNS deployments also allow IT teams to revert back to local deployments at the click of a button. This reversibility makes hybrid cloud deployment very adaptable and flexible to individual users and business needs. A test on cloud infrastructure can be made quickly, and can be changed back to in-house in one easy step.
There are not many solutions that can be implemented to manage in-house and cloud DNS servers but it can guarantee 100 per cent availability and be integrated to operate alongside other security solutions such as those that work to absorb DDoS attacks and mitigate Zero-Day vulnerabilities.
In a report conducted by IDC in 2014, only 12 per cent of UK respondents were already using DNS cloud deployments across their organisation for new applications, but 23 per cent were interested in such solutions and planned to look into using it in the future. However, PwC’s report on The Global State of Information Security Survey 2016 revealed 69 per cent of organisations now use cloud-based cybersecurity frameworks – less than two years later.
Despite this, implementing a hybrid cloud architecture does come with its challenges. For instance, there’s an increase in security complexities and a different kind of security protection is needed. On premise and cloud-based DNS servers also don’t share the same configuration which can, at times, come with its own set of problems and can increase the time of setting up a hybrid system. Hybrid DNS architectures also require IT staff to learn a new range of endpoints and responsibilities which can add to costs and extend the time scale until the system is fully up and running.
[easy-tweet tweet=”On premise and #cloud-based #DNS servers don’t share the same configuration which can cause challenges”]
Companies are beginning to understand the need for protecting their DNS servers with multiple technologies, however still do not fully trust solutions that don’t store data on premise. But as DNS attacks continue to grow and develop in 2016, more efficient and increased security is needed. Combining your DNS security with a hybrid cloud architecture is your best form of defence; its scalable, simple to deploy, cost effective, flexible, and most importantly, secure.
[1] PwC The Global State of Information Security Survey 2016