DNS: Valuable and Vulnerable
You are your web presence. Everyone is well aware of the impact performance of your website or mobile app -- which is tied to the APIs and services attached to that web presence -- has on customer loyalty and ultimately, your brand reputation.
There are a thousand blogs and articles, listicles, and infographics that offer you myriad ways to improve your site’s performance. I’ve got them. You’ve read them. They’re everywhere. But we often forget that part of the performance equation relies on the domain name system (DNS) and the value of the domain for which it provides directions to consumers eager to engage with your latest app or website.
Back in 1996, I registered two domains as a gift for my better half. Yes, we’re geeks of like minds, but you knew that. Each cost about $7 per year as I recall. Today, the cost of those domains is still relatively minimal. I can register a new one for $12 a year through Google, and others for $7.95. Shop around; domains are cheap.
They're so cheap that it’s easy to forget how valuable they actually are. Consider that Google, Facebook, Twitter, LinkedIn, and every other brand out there paid about the same for their domain as I did. The registration of a domain is a mere pittance. But my domains are virtually worthless compared to that of brands who’ve built their empires based not just on what they do, but on how they do it. And by that, I mean digitally.
Domains are the crown jewels of business today, in this digitally driven, API-based economy. Perhaps that’s why we often fail to discuss the importance of DNS security. It's important not just to protect against DDoS attacks like the one in 2016 that targeted DNS provider Dyn and impacted many major websites, but also to fend off cache poisoning and hijacking, both of which have caused headaches for well-known companies in the near past.
DNS is one of the most open, by design and necessity, of public services required to operate in a digital economy. Without it, no one can find the other services, making it kinda the most important service there is today. The internet of things is only going to increase the value of DNS at an exponential rate.
So, too, does the spread of malware and the infection of networks thanks to successful phishing and web attacks. As noted by Akamai in its Q2 2017 State of the Internet report, “In terms of average number of unique domains accessed per hour, infected networks had 15X the lookup rate of a clean network.” Which means the threat of overload is not just externally sourced, but internally sourced, as well.
DNS needs to be secure and scalable to meet demands placed upon it by attackers and legitimate clients alike because both are increasing in number, rapidly. You need to be aware of scale to service the increased demand from devices and apps with legitimate queries while simultaneously defending against potential threats.
If you haven’t checked on your DNS strategy lately, now would be a good time, before somebody else figures out you haven’t and uses it against you or the rest of us.
Recommended For You
Low-Power WANs offer an alternative to 5G for connecting a fast-growing array of basic devices and sensors that transmit small amounts of data.
An effective network visibility strategy requires understanding the technical, financial, political, and legal aspects impacting your network operations.
Emerging organizational structures for IT include placement of IT pros in user areas and departments forming their own "micro IT's."
Comparing a good and bad trace helps identify performance issues. Dynamic baselining can be used when you do not have a good trace to reference.
Combining commodity server platforms and FPGA-based SmartNICs will allow network applications to operate at hundreds of gigabits of throughput with support for millions of simultaneous flows.
SD-WAN implementations are on the rise thanks to the potential cost savings, increased network resiliency, and better application performance they deliver.