Ask a Security Expert — Real Security Questions from MSP Customers: DNS & SMBs

Written by George Anderson
March 12, 2018

How does DNS or web-content filtering protection fit into an SMB’s existing security protection? Webroot offers an answer.

Question: How does DNS or web-content filtering protection fit into an SMB’s existing security protection?

– Jeanne Lisse, Madison Computer Works Inc.

Answer: Many SMBs lack any Domain Name System (DNS) security or web-filtering capabilities and are unaware of the security risks, and conversely the security benefits that management and control over their DNS connections to the internet will provide.

Since DNS has been around since 1985, overfamiliarity is an issue. Many organizations completely take their use of DNS for granted and wrongly assume that it’s already secured by their ISP, when, in reality, it is not secured. Considering its core function as their access to the worldwide, distributed directory service for all internet communications and interactions with the internet, SMBs’ DNS connections are left wide open to attack. In fact, cybercriminals and hackers looking for ways to access networks or intercept network communications routinely target and compromise DNS connections — often without the organization even knowing.

DNS protection fits into an SMB’s existing security protection as a simple and inexpensive way for MSPs to secure that vital internet connection and manage the security risks associated with web usage. It is ridiculously easy to deploy, and from a networking standpoint it simply involves redirecting customers’ internet access via secured DNS resolver servers.

The benefits of DNS protection are immediate and ongoing, and include the following:

If a DNS is compromised, threats are halted and a secure, resilient and reliable, carrier-grade connection to the internet is established with virtually zero latency.
While the DNS resolves and directs all outbound internet access requests, it can instantly check that access against web-filtering categories. This allows high-risk and malicious sites to be immediately blocked — adding additional protection against malware, phishing, ransomware and data being exfiltrated from the customers’ network.
A DNS protection service also generates access request logs, allowing both MSPs and their customers to have complete visibility of what is being accessed and by whom. This is invaluable in determining which internet-access controls are needed to preserve productivity, reduce bandwidth consumption or stop dangerous peer-to-peer access.
Internet malware threats are significantly reduced, with up to 90 percent being stopped at the domain layer and never reaching the firewall, network or user.

The bottom line is that DNS protection immediately reduces the risk of user and network infections significantly, while providing visibility and control over internet access by all applications. At the same time, it enables SMBs to demonstrate the risks through the reporting of malicious domains and sites blocked. A secure DNS protection service also allows SMBs to stop their customers from relying solely on endpoint security to protect their business from Internet threats.

George Anderson is director of product marketing at Webroot. George has spent the past 18 years in the IT security industry helping companies consider the real threats to their business.