Cloud DNS – What’s Stopping you Joining the Party?

Across industries, companies of all sizes have embraced business applications and platforms that are based in the cloud. After all, doing so offers numerous benefits regarding deployment, upkeep, reliability, and cost as compared to running the same services on premise.

These advantages apply just as well to domain name server (DNS) technology – an underappreciated yet fundamentally vital part of the Internet, connecting users to websites. Yet a significant majority of enterprises choose to keep their external DNS deployments on premise – why?

DNS has been called the most important technology that no one knows about, so we thought we’d check if this is true and try to find out what factors either encourage or discourage businesses from making the decision to deploy their external DNS in the cloud. To this end, the results of our recent survey from Forrester Consulting shed some insight.

[easy-tweet tweet=”Many firms experience considerable DNS-related troubles. ” hashtags=”Cloud, DNS”]

Setting the scene

It’s no surprise that the results showed that the dominant deployment method for external DNS is overwhelmingly on premise. What is worrying is that out of the respondents who are responsible for their firm’s DNS technology, an average of only 20% of them claim to be “very knowledgeable” about one of the nine DNS components and use cases we asked about. So combine the prevalence of on-premise DNS with the lack of skills to support such a model, and we can understand why many firms experience considerable DNS-related troubles. Key among these are challenges around security, including distributed denial of service (DDoS) attack vulnerability and DNS protocol security, which were cited as major or moderate challenges by approximately two-thirds of those surveyed.

But it’s not just critical security issues that bog down IT professionals with on-premises DNS. The majority of respondents also cited being challenged by a number of resources — both time and money — used to maintain and upgrade their system.

The pull towards cloud-based DNS

Since on-premises DNS operators’ chief concern pertains to security, it follows logically that the majority of respondents cited better protection from DDoS attacks and improved DNS security (DNSSEC) as having a major influence on their decision to host in the cloud.

Even more of influence, however, is the prospect of improved reliability and availability in an era when customers expect instantaneous service anytime and anywhere they please. Dovetailing off this imperative, companies are motivated to move DNS to the cloud by capability indicators such as improved disaster recovery, performance, scalability and traffic management, as well as detailed reporting on what’s working well and areas for improvement.

What are the barriers?

If firms have strong factors pulling them toward cloud deployments, why have so few made this move? The list of common inhibitors includes several applicable to any cloud technology deployment, such as pricing models, migration, and mandates for isolation and security. But one theme on this list stood above the rest: vendor service and support. According to our respondents, perceptions regarding vendor response time and communication constitute the primary major inhibitor, and more general support concerns earn the highest combined mentions as a major or moderate inhibitor.

[easy-tweet tweet=”DNS is a critical infrastructure and security component ” hashtags=”Cloud, DNS”]

DNS Decision-Makers Prefer MSPs

Because DNS is a critical infrastructure and security component for any modern organisation, there is a wide choice of companies offering DNS services, each with distinct service models and specialisations.

With so many of those who are responsible for DNS struggling with the maintenance of their on-premise systems, it makes sense that when we asked them to rate the type of DNS service provider they preferred, the largest share elected to hand responsibility over to a managed service provider (MSP). In fact, MSPs are nearly twice as preferred as are outsourced IT services partners.

[easy-tweet tweet=” All organisations require DDoS protection.” hashtags=”Cloud, DDos”]

DNS Selection Criteria: One-Stop-Shop AND DDoS Protection

DNS is chock-full of components and uses cases, and not all service providers have the capabilities to address all of them. Companies that seek several services — or want to completely unload their DNS responsibilities are likely to seek robust solutions that don’t require multiple vendors. Our survey respondents laud both MSPs and Internet service providers (ISPs) for this criteria, considering them as tied for having the greatest advantage for one-stop-shop offerings.

Regardless of how much help they need operating and maintaining a DNS, all organisations require DDoS protection. Survey respondents indicated that MSPs have the greatest advantage here.

DNS Selection Criteria: Service AND Expertise

Our survey respondents reported both low levels of DNS knowledge and significant concern around the communication and support from cloud DNS providers. Therefore, DNS expertise, as well as the level of service provided by those experts, are likely to be high priorities for those who decide to evaluate cloud DNS services.

Our survey respondents gave high marks to MSPs for both of these metrics by deeming them as having the greatest advantage for service, as well as for subject matter expertise and experience.

The word is spreading about external (authoritative) DNS

Despite the slow uptake, the survey showed indications of uptake acceleration. Factoring in the respondents who are currently planning a migration, nearly half (47%) of organisations will soon host their external DNS in the cloud. What’s more, only a quarter of respondents said they are not at least considering such a move.

Firms are increasingly open to the idea of migrating to cloud-based DNS solutions under the prospect of improving on-premises deployments’ shortcomings. Various concerns — chiefly around vendor support and service — prevent such moves from occurring en masse. When they do evaluate such options, buyers believe MSP have an advantage for service, as well as for other evaluation criteria.


Rodney Joffe has been a sought-after cyber security expert who, among other notable accomplishments, leads the Conficker Working Group to protect the world from the Conficker worm. Providing guidance and knowledge to organisations from the United States government to the Internet Corporation of Assigned Names and Numbers (ICANN), Mr Joffe is a pioneer in the domain name system (DNS) and cyber security markets and has demonstrated his expertise in developing new solutions at Neustar such as NeuSentry.


AI Readiness - Harnessing the Power of Data and AI


Related articles

Data Sovereignty in AI: Five Key Considerations

Data is the most valuable economic asset for modern...

Streamlining Cloud Management with Terraform Functions

The multi-cloud deployment trend is making infrastructure management more...

Defending Health and Social Care from Cyber Attacks

The National Cyber Security Centre (NCSC) recently calculated that...

How is AI changing patch management?

Cyberattacks are increasing in frequency and severity. This means...

AI Readiness – Harnessing the Power of Data and AI

Join us for a compelling session on "AI Readiness:...

Subscribe to our Newsletter