Story image

Government focuses on domain name security

01 Jun 2016

Government improves domain name security

The Government is focusing on domain name security, with the Department of Internal Affairs making changes to how it manages government website domain names.

The changes will increase online security and result in greater public trust in government websites, the department says.

The Domain Name System (DNS) is the global network of computers responsible for translating domain names like dia.govt.nz into a location on the internet.

DIA’s Government Information Services group (GIS) hosts the domain name records associated with many of the .govt.nz domain names. In addition to this DNS service, GIS offers a portfolio of products and services aimed at delivering trusted government information to improve public services and raise digital capability throughout the sector.

Recent upgrades to DIA’s government DNS service include the addition of a set of security extensions called DNSSEC. The move is being applauded by the .nz Domain Name Commission and domain name operator NZRS.

Barry Brailey, DNCL manager of Security Policy, says with the new security extensions, web browsers can now confirm that the website a user is looking for is the correct one and not an imposter website.

“By securing .govt.nz with DNSSEC, DIA is demonstrating its commitment to New Zealanders’ online security and helping to improve how New Zealand is viewed from a cyber security perspective,” Brailey says.

Laura Sommer, acting general manager for GIS, says online security is a high-profile issue in New Zealand.

“People want websites that are safe and trusted,” she says.

Only .govt.nz (and .parliament.nz) domain names using the government’s DNS infrastructure are automatically protected with DNSSEC. Remaining government agencies who do not currently use this system are being encouraged to switch from their existing providers so they can take advantage of the improved security.

Jay Daley, chief executive of NZRS adds, “We hope this is a trigger for internet service providers who are yet to support DNSSEC, to add that support soon so that all Internet users can benefit from the added security and show government that the entire Internet industry is behind cyber security initiatives,” he explains.

Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.