Security architects and IT operations staff are constantly challenged to limit access to sensitive data and lock down vulnerabilities in IoT and mobile devices. DNS is a key area to consider in this context. DNS is a powerful but often unmonitored protocol that adversaries have been exploiting for many years. That’s why 91% of malware use DNS for command & control within seconds of infection.
Thankfully, with the right tools you can minimize the attack surface that DNS presents to potential adversaries.
Let’s take a closer look at DNS Edge in action. Here’s a use case from the retail industry, but it could really apply to any organization which leans on IoT and other connected devices.
Today’s retail stores have a ton of connected devices – from security cameras to point of sale machines to inventory sensors. These devices are constantly using DNS to query the network and push information out, and usually do the same thing every day.
What happens when one of those devices gets hacked? It will probably deviate from its normal behavior pattern. Instead of querying the security server, a remote camera might look for something on the finance server. You’d only know this was happening if you were looking at DNS.
DNS Edge policy control can limit all the devices in a retail outlet to just the data and services they need to access. All attempts to reach outside domains or services from these POS devices will be blocked, preventing a breach and alerting security teams these devices are likely infected.
This is just one example – each industry and organization has its unique attack surface that DNS Edge can help to shrink.