How does DNS impact my Credit Union?

DNS, or the domain name system, is a fundamental building block of the internet that is very commonly overlooked from both a management view and a security view. This is a major oversight by most businesses and there are a variety of lost cost (and even free) things Credit Unions and other business can do to protect themselves.

Recursive DNS

OpenDNSFirst off, there are two types of DNS, recursive DNS and authoritative DNS. Recursive DNS is generally something an ISP provides to customers. Recursive DNS takes google.com and turns it into an IP for an end user’s browser or application. DNS recursors hand out records to end users, mostly. Those DNS recursors query an authoritative DNS server to get their results. Some common examples of these services are OpenDNS or Google DNS. Recursive DNS also plays a ctriical role in the security of an organization as it is the source of most man-in-the-middle attacks. For this reason, OGO does not allow public access to our recursive DNS resolvers. It is only accessible to the clients on our network.

Authoritative DNS

Most commonly, the domain registrar hosts the authoritative DNS records for a domain. Many larger business use their ISP, a third party provider, or host their own authoritative DNS servers. These authoritative DNS servers tell the world where your website, email, and all other DNS related items live. This is one of the most overlooked aspects of security for many business. Hint: make sure your DNS provider has an option for multi-factor authentication. There are a variety of DNS record types:

A Records & CNAMES

Most common in use and are used to control the destination of URL’s.

MX Records

Used to control mail flow.

Click here to learn about how MXRecords work with Hosted Exchange.

TXT Records

These are some of the most misunderstood DNS record types, but are also the most powerful. Within a TXT record, you can control your vitally important SPF record, DKIM records, and DMARC records, all of which control deliverability of your email. Email deliverability is a large topic and will be covered in another upcoming post.

DNS is a commonly overlooked infrastructure item that all businesses need to be aware of. There are a number of tools available to troubleshoot and review DNS, but one of the best high level review tools is DNS Inspect. Run your domain through it and see what surprises you.

If you have any questions about DNS, feel free to drop a comment on the post or fill out this form:

 

 

Cost-Effective Solutions for Your Credit Union

Simply fill out this form and select the topic(s) that you would like more information for, and our team will reach out shortly.

Medium

Role
I agree to receive marketing communications from Ongoing Operations regarding news, updates, products, etc.(Required)

modal close button

Welcome to the Ongoing Operations blog archive.

For our most up-to-date information, please visit ongoingoperations.com.

HOME