Our previous blogs discussed cybersecurity defense-in-depth strategy and how to use cybersecurity frameworks to achieve that strategy. In the next series of blogs, we will examine some critical security controls from those previous articles. The takeaway will be helping you align your business with the proper security controls based on frameworks. These blogs are not meant to be a sales tactic; we will not mention specific vendors or products. Our top priority is helping you understand the basis of a mature cybersecurity defense for your business.
NIST Cybersecurity Framework
One of the NIST Cybersecurity Framework’s core functions is PROTECT (Read our Cybersecurity Framework blog here). After you have identified the assets and the risks to those assets, the PROTECT function supports the ability to secure the assets or lower their overall risk to the business. DNS Layer Protection lowers your business’s overall risk of using the Internet, mainly the risk that comes from your end users’ everyday use of it.
Domain Name System (DNS) Basics
In terms of priority, DNS layered protection is right near the top. But why? What does the name of the protection suggest? Let’s step back and review what DNS does first. In our connected world, almost everything we do on a computer requires finding the way to a resource such as www.google.com. DNS is the system that converts the name www.google.com into an IP address (142.250.65.164) so the network infrastructure and Internet can get us to the Google data center.
Knowing that, how do we now interject a level of security into the DNS process? If we compare a known good site, www.google.com, with a known bad site, www.badsite.com, should both return an IP address so our computers can connect? No. And this is the basis of DNS Layered Protection. Return the IP address for good sites, and do not return an IP address for bad sites. Although a simplistic view, this is what happens. When implemented, we can help mitigate these types of threats:
Types of Threats:
- Malware
- Command and Control Callbacks
- Phishing Attacks
- Harmful Domains
- Newly Created Domains
- Cryptomining
While we are not returning the IP addresses for the bad sites, let’s also not return IP addresses for sites that violate your company’s acceptable Internet use policy. Different users inside your business may require different Internet access levels. By integrating the DNS Layer Protections into your authentication and directory infrastructure, you can target different policies for various groups.
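The decision described above (no answer for bad sites, with acceptable-use rules that vary by directory group) can be sketched as a small policy function. This is an added example, not code from any product; the category feed, registration dates, group names and the 30-day "newly created" window are constructed assumptions.

```python
from datetime import date

# Constructed sample data: every domain, category, group and date is hypothetical.
CATEGORY_FEED = {
    "badsite.com": "malware",
    "c2.example.net": "command-and-control",
    "login-verify.example.org": "phishing",
    "pool.example.io": "cryptomining",
    "videos.example.com": "streaming",
}
REGISTERED_ON = {"fresh-brand.example": date(2024, 5, 28)}
SECURITY_CATEGORIES = {"malware", "command-and-control", "phishing", "cryptomining"}
GROUP_POLICY = {  # acceptable-use categories blocked per directory group
    "staff": {"streaming"},
    "marketing": set(),
}
NEW_DOMAIN_DAYS = 30  # assumed threshold for "newly created"

def parent_zones(name):
    """Yield the name and each parent zone: a.b.com -> a.b.com, b.com, com."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:])

def decide(qname, group, today):
    """Return (action, reason); 'block' means no IP address is returned."""
    # A group that is not in the directory gets the union of all restrictions.
    strictest = set().union(*GROUP_POLICY.values())
    blocked = SECURITY_CATEGORIES | GROUP_POLICY.get(group, strictest)
    # Match on whole labels so badsite.com covers www.badsite.com
    # but not the unrelated name notbadsite.com.
    for zone in parent_zones(qname):
        category = CATEGORY_FEED.get(zone)
        if category in blocked:
            return ("block", category)
        registered = REGISTERED_ON.get(zone)
        if registered and (today - registered).days < NEW_DOMAIN_DAYS:
            return ("block", "newly-created-domain")
    return ("resolve", "allowed")
```

Security categories are blocked for every group, while the acceptable-use categories differ per group, so the same query can resolve for one user and be refused for another.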
The one question we are asked is how this helps protect us in the hybrid work environment. An agent installed on each of your mobile devices receives the same policies and rules, which follow the user and apply no matter where the user is working that day.
In closing, let’s take a look at the high-level benefits of DNS Layered Protection.
Benefits of DNS Layered Protection:
- Enhanced Threat Prevention: By blocking access to malicious domains before they can be reached, DNS layer protection significantly reduces the risk of malware infections, phishing attacks, and data breaches.
- Improved User Productivity: DNS Layer Protection helps minimize wasted time and potential security incidents by implementing website content and application policies that reinforce business acceptable use policies.
- Reduced Security Costs: Proactive prevention can save businesses significant costs associated with security breaches, data recovery, and lost productivity.
- Cybersecurity Insurance: DNS Layer Protection is a requirement that many cybersecurity insurance providers expect businesses to implement.
- Policy Standardization: Implement a standard set of policies for standardizing protection no matter where your users work.
About KeyNet Technologies:
KeyNet subscribes to a defense-in-depth strategy, not single-point products. DNS Layer Protection is only one component of our KeyNet Defend services. By partnering with KeyNet, your business can have the expertise and resources needed to implement and maintain this critical layer of defense. If you want to learn more or start a conversation, contact us on our website or by phone at 717-517-9604.