DNS is inherently insecure because it was built in a time when everyone on the Internet trusted everyone else to have users’ best interests at heart. Sadly, we live in a world where that’s not the case. One of the proposals on the table to help fix problems is to secure DNS by running it over HTTPS. That’s great for the average consumer in the world that doesn’t do much beyond surfing, checking email, and shopping online. But what about Enterprises?
The amount of DNS in the Enterprise that is custom and needs care and feeding is impressive. You need to have a plan of attack to make sure it’s going to still work when DNS-over-HTTPS is finally rolled out. Josh Warcop takes a look at how to do this with Firefox, the web browser that was the first to implement this new protocol by default in an upcoming release.
Let’s address the most obvious problems for enterprises. DNS represents a wealth of information gathering within the four walls of a business. Content control, security protections, and split DNS are just a few things to mention. Breaking host level DNS resolution of browser is a threat against these protections.
Read more here: Firefox DNS-over-HTTPS for the Enterprise