In today’s world, DNS is as ubiquitous as computers. It is used a kazillion times a day and yet DNS security is still a big issue. Now and then events like the 2021 Facebook outage spur debates and discussions about DNS security and every once in a while a solution or a tool is rolled out to mitigate one security issue or the other, but the source of the problem remains largely unexplored to this day. Tom Hollingsworth of Gestalt IT brings together a panel of experts on this at the Security Field Day Event of October to discuss DNS security and its possible solutions in deep detail with EfficientIP.
The Dream of a NetSecOps Team
The debate on DNS security is about as old as the internet. Views today are as divided as they were before. One school of thought is that a NetSecOps team would bring an end to the constant network breach that plagues the modern enterprises networks. However, in reality, this is easier said than done. People working in the networking and security teams know this.
As straightforward as it sounds, mixing teams is not easy. Getting members of different teams to work synchronously even through the mediation of management and leadership is fairly challenging. One would argue that professionals working on mainframe work together compatibly all the time despite coming from different teams. In IT integrating teams is not exactly a novel idea for across enterprises teams are merged all the time for budgetary and management purposes, but there is a less-known caveat to that. The outcomes of it aren’t always exemplary.
So what are odds of the networking and security teams of ever coming together into the fabled NetSecOps team? We don’t know that yet. It could be just a pipeline dream knowing that these two teams having very different goals famously don’t get along well. All the same there is a collective consensus today on the necessity of such a team. So there is a glimmer of hope.
Is a DNS Error a Product of Fragile Security?
Another set of people believes that DNS security is a problem of an organization’s own making that is perfectly preventable with some obvious measures. For example, open S3 buckets. Using open buckets for storing data is a costly mistake that companies stumble upon now and again. That’s something that can be resolved internally.
SQL injection is one of the most common DNS threats that companies face today. With a bit of luck and a weak security system, anyone can easily break into a network and exploit it to acquire information through a simple SQL injection. In a less threatening way, companies are gaming the system all the time to slip their ads in without the expressed consent of the users.
At the roundtable discussion on Security Field Day of October, Tom Hollingsworth and his panel of delegates along with Alexandre Chauvin-Hameau of EfficientIP explores the different aspects of DNS security to understand its origin and work out a definitive solution.
EfficientIP and DNS Security
All said and done, the lingering question here is, how can DNS security breaches be dodged? Can the DNS security be set up in a failsafe manner to counter the constantly evolving threats? Some say that a security overlay that covers for all the technology siloes would be the answer to this, while others believe that a NetSecOps team in action would be the way to neutralize security attacks.
The good news is that there are tooling solutions available to enterprises that can make a NetSecOps team possible just like the DevOps team or the DevTest team. EfficientIP is one of the companies dedicated to this cause. Specialized in DDI, they are the makers of solutions like Smart DDI and 360°DNS Security. Founded in 2004, EfficientIP is dedicated to network security from the very beginning. Over the years, it has invested heavily to the research on DNS security. We might soon get to see an EfficientIP solution in the market that helps overcome the challenges of putting together the NetSecOps team and finally make it happen for organizations.
To see the full discussion, check out the videos on Dissecting DNS Security and NetSecOps with EfficientIP on techfieldday.com.