PR.PS-05.255

Has your organization configured all platforms to use only approved DNS services that include protection against malicious domains?

Explanation

DNS (Domain Name System) services translate human-readable domain names into IP addresses. Configuring platforms to use only approved DNS services with malicious domain blocking capabilities helps prevent users from accessing known harmful websites and blocks communication with command and control servers used by malware. This control acts as an important security layer that can prevent data exfiltration and malware infections. Evidence of implementation could include documentation of approved DNS services (such as Cisco Umbrella, Quad9, or CloudFlare DNS), configuration settings showing these services are enforced across platforms, and reports showing blocked access attempts to malicious domains.

Implementation Example

Configure platforms to use only approved DNS services that block access to known malicious domains

ID: PR.PS-05.255

Context

Function
PR: PROTECT
Category
PR.PS: Platform Security
Sub-Category
Installation and execution of unauthorized software are prevented

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Signature
Neil Cameron
Founder, ResponseHub
Neil Cameron