In our previous blogs, we looked at the changing IT landscape and how cyber security protection needs to change to meet the new challenges and threats.
The rapidly changing IT landscape characterizes a new era of digitisation where IT adoption and automation of business processes is happening at a scale rarely seen before. The changes are bringing about a paradigm shift in our approach to providing cyber security, where we essentially need to provide continuous, pervasive protection against known and unknown threats. As we continue in this series, we discuss some technological approaches to delivering pervasive, cloud-centric security.
We are aware of the pivotal role of DNS in getting us connected to literally any service we need to access, whether via email, web or a bespoke application. DNS is a service we always make use of. So how can securing a simple background process like DNS have a dramatic effect on an organisation’s cyber security posture?
DNS security can act as a form of perimeter security where the perimeter is pushed back to the source of the cyber threat, so the threat is initially blocked at its point of origin. This works by pointing DNS at a secure DNS service with up-to-date threat domain intelligence and machine learning that discovers and protects against emerging threats. Remember that 100% of organisations interact with known malware domains. Securing DNS will instantly block these connections as they are requested, as well as blocking future domains that have been identified as malware hosts.
If a previously infected device connects to the network or service, secure DNS will block the command-and-control callback to the malware domain and notify the security team.
This level of security is highly scalable in that it can be provided for an individual roaming client, a branch site or the organisation’s principal location.
Another useful feature is the ability to track normal behaviour for your organisation in terms of the rate and volume of requests over time. Anomalous behaviour can then be detected by comparing current activity against that baseline and flagging significant changes.
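The baselining described above can be sketched in a few lines. This is an added example, not code from this blog or from any secure DNS product: it flags clients whose hourly DNS query volume deviates sharply from their own history, using the median and median absolute deviation as one possible definition of "normal". The client names, counts and threshold are constructed assumptions.

```python
from statistics import median

# Constructed sample data: DNS queries per hour for each client over a
# baseline window (hypothetical client names and counts).
HISTORY = {
    "laptop-01": [110, 95, 120, 105, 98, 115, 102, 108],
    "printer-02": [4, 4, 4, 4, 4, 4, 4, 4],       # perfectly flat baseline
    "server-03": [900, 950, 870, 1010, 940, 980, 920, 960],
}
# Constructed counts for the hour being evaluated.
CURRENT = {"laptop-01": 112, "printer-02": 60, "server-03": 4800, "kiosk-09": 35}


def robust_baseline(counts):
    """Return (median, MAD) so one past spike does not skew the baseline."""
    med = median(counts)
    mad = median(abs(c - med) for c in counts)
    return med, mad


def score(count, med, mad, floor=1.0):
    """Robust z-score; 'floor' stops a flat baseline (MAD == 0) dividing by zero."""
    scale = max(1.4826 * mad, floor)
    return (count - med) / scale


def detect(history, current, threshold=6.0, min_samples=6):
    """Return {client: reason} for clients whose hourly volume is anomalous."""
    findings = {}
    for client, count in current.items():
        past = history.get(client, [])
        if len(past) < min_samples:
            # A device with no history cannot be compared; surface it separately.
            findings[client] = "no baseline yet"
            continue
        med, mad = robust_baseline(past)
        z = score(count, med, mad)
        if abs(z) >= threshold:  # sudden spikes and sudden silences both count
            findings[client] = f"volume {count} vs median {med:g} (z={z:.1f})"
    return findings


if __name__ == "__main__":
    for client, reason in detect(HISTORY, CURRENT).items():
        print(client, "->", reason)
```

In practice the per-client counts would come from the resolver's query logs, and the threshold would be tuned against the organisation's own traffic.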
A secure DNS solution will also provide detailed information about the malware domain such as IP addresses, associated domains and attacks associated with these domains. A robust, secure DNS solution could also provide a data feed into other security components in the organisation, thus sharing security updates that can be actioned elsewhere in the security stack.
In our next blog, we will take a look at how SaaS applications can be used in conjunction with secure DNS.
If you have read the last few updates you should now have a deeper understanding of Cloud Security, that’s great! But what can YOU do about it?
We are offering a 14-day trial of Cisco Umbrella, the industry’s first Secure Internet Gateway in the cloud.
Cisco Umbrella provides the first line of defence against threats on the internet. Because Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes.
It takes no time to install and you don’t have to provide any payment details (or even have a phone call).
So what have you got to lose?