Majority of UK Biz Lacks DNS Insight, Leading to DDoS and More

Majority of UK Biz Lacks DNS Insight, Leading to DDoS and More

Most UK businesses are in the dark when it comes to the impact that domain name system (DNS) performance is having on their internet users and visitors.

At its most basic, DNS is an address book which matches websites to IP addresses—and it’s a key part of how the internet functions. Yet according to a Neustar-commissioned survey carried out by Quocirca, a full 92% lack visibility into this arena, largely due to complexity. About half (45%) of organizations surveyed said they have as many as eight different ways of provisioning their DNS infrastructure.

The majority of organizations use ISPs, managed hosting providers and internet registrars as way of provisioning some of their DNS needs, while 92% of organizations polled also maintain some in-house DNS capability to cover recursive DNS (for internal internet users) and/or authoritative DNS (for external internet users) requirements.

Thanks to this unfocused approach, in all, only 8% of respondents claim to have full visibility across all areas of DNS, including frequency of dropped requests, cache poisoning, latency and overall load on DNS infrastructure, rendering it impossible to ensure a consistent service to internal and external internet users.

The effects of this lack of transparency are clear: A full 72% of organizations report regularly suffering from critical issues that impact website and application availability DNS performance. These can include distributed denial of service (DDoS) attacks, network access issues and web server downtime.

“The internet is now a core utility for all businesses, as essential as electricity and water supply,” said Bob Tarzey, analyst and director at Quocirca. “However, unlike these utilities, internet use is bi-directional; outward, for employees and other internal users to engage with the world, and inward for customers and other visitors to find an organization’s online resources. It is also reliant on its own fundamental utility, the domain name system or DNS.”

The research also reveals that many organizations have yet to realize that DNS can go beyond its basic nomenclature function. Despite 89% of respondents claiming to use a specialist DNS service provider, just 15% have committed to using it to provide advanced features such as mitigation against DDoS attacks, reducing infrastructure load and central management tools to improve visibility.

“[DNS] can be so much more than a website address directory… it can defend the frontline in the fight against cyber-attacks, maximize the use of backend resources, ensure governance and be a rich source of marketing data,” explained Rodney Joffe, SVP and fellow at Neustar.

Source: Information Security Magazine