DNS Filtering and Your Business

As cybercriminals and hackers continue to grow in numbers and expand their capabilities to infiltrate your network, your business must continue to leverage more resources to tighten your processes.

The key for today’s cyber security dangers is for IT professionals and their executives to ensure the organization is using a “multi-layer” approach. A multi-layer approach includes email security, spam filtering, antivirus, managed security services, managed firewall and last, but not least, DNS filtering.

How DNS Filtering Works

Domain Name System filtering, or DNS filtering for short, is a technique that is used to block access to some webpages, websites or IP addresses.  For example, DNS allows for domain names, ones that are easy to remember. Or, for instance, an example like “Wikipedia.com,” which is easier to remember than the IP address, like 198.35.26.96. In short: DNS is what maps an IP address to its domain name.

When DNS filtering is utilized, it blocks requests to webpages and IP addresses that are known as malicious. When the user attempts to connect to the website, instead of viewing the page that was requested, the user will see a blocked page screen detailing that it cannot be accessed from your network.

The control can be applied in a few ways: It can be applied via your ISP, at a router level, or a third party such as a web filtering service.

When using a third party, the user would point their DNS to the provider. The third-party service provider keeps a blacklist of malicious IP addresses and webpages. When a site has a reputation for being malicious, access is then blocked.

DNS filtering is optimized to process a high volume of data messages with minimal delay. To the user and your business, this means that there will be virtually no postponement in accessing safe websites, ones that do not breach the AUP or Acceptable (Internet) Usage Policies.

DNS Filters Role with Malicious Websites

To begin, a DNS filtering solution will not block “all” malicious websites. It’s unfortunate, but keep in mind that a webpage must first be determined as malicious before it can be blocked. When a cybercriminal creates a new phishing webpage, it will take some time to be checked, identified and blacklisted. On the other hand, a DNS web filter block does catch most malicious websites, and pages can be added quickly as they are uncovered, such as through your e-mail security programs.

With cyber security being such a hot topic in today’s economy and with multi-layer approaches serving as the best form of defense to small businesses (preventing potential damage to your IT infrastructure), adding DNS Filtering is becoming a more and more common part of a security protocol.

Start With a Couple Questions.

What’s your multi-layer approach to combatting cyber-attacks?  Does it include DNS filtering? 

These two questions are good places to start the conversation or, refresh the discussion on how to stay ahead of hacks.