DNS, DHCP & IP Address Management appliances
For Microsoft DNS & DHCP servers
For open source DNS & DHCP servers
Cloud-based visualization of analytics across DDI architecture
Manage multi-vendor cloud DNS servers centrally
RIR Declaration Management and Automation
Automated network device configuration and management
Centralized visibility over all your clouds
A single source of truth for your network automation
Why DDI is an Obvious Starting Point
DNS Threat Intelligence for proactive defense
Intelligence Insights for Threat Detection and Investigation
Adaptive DNS security for service continuity and data protection
Improve Application Access Control to prevent spread of attacks
Protect users and block DNS-based malware activity
Carrier-grade DNS DDoS attack protection
Optimize application delivery performance from the edge
for Proactive Network Security
Visibility, analytics and micro segmentation for effective Zero Trust strategy
Enable work from anywhere by controlling access, security and data privacy
Simplify management and control costs across AWS, Azure and GCP environments
Risk-free migration to reduce DDI complexity and cost
Move risk-free to improve performance, security and costs
Automate management, unify control and strengthen security of connected devices
Protect your network against all DNS attacks, data exfiltration and ransomware
Enable zero touch operations for network management and security
Improve resiliency, deployment velocity and user experience for SD-WAN projects
Integrated DNS, DHCP, IPAM services to simplify, automate and secure your network.
Simplify design, deployment and management of critical DDI services for telcos
Optimize administration and security of critical DDI services for healthcare
Simplify and automate management of critical DDI services for finance
Simplify and automate management of critical DDI services for higher education
Simplify and automate management of critical DDI services for retail
Simplify Management and Automation for Network Operations Teams
Open architecture for DDI integration
Technology partnerships for network security & management ecosystems
Extend security perimeters and strengthen network defenses
Submit requests for temporary licenses
Submit access requests for EfficientIP knowledge platforms
Submit membership requests for EfficientIP Community
Strengthen Your Network Protection with Smart DNS Security
Customer-centric DDI project delivery and training
Acquire the skills needed to manage EfficientIP SOLIDserver™
Identify vulnerabilities with an assessment of your DNS traffic
Test your protection against data breaches via DNS
Dedicated representation for your organization inside EfficientIP
Explore content which helps manage and automate your network and cloud operations
Read content which strengthens protection of your network, apps, users and data
Learn how to enhance your app delivery performance to improve resilience and UX
Why Using DNS Allow Lists is a No-Brainer
This enterprise-grade cloud platform allows you to improve visibility, enhance operational efficiency, and optimize network performance effortlessly.
Who we are and what we do
Meet the team of leaders guiding our global growth
Technology partnerships for network security and management ecosystems
Discover the benefits of the SmartPartner global channel program
Become a part of the innovation
The latest updates, release information, and global events
November 22, 2022 | Written by: Surinder Paul | DNS Security
APIClient Query FilteringCyberattacksCyberthreatData TheftDNS FilteringDNS SolutionNISNIS 2
The work-from-anywhere environment has accelerated the transition to the cloud, e-commerce and in-store retailers are experiencing heightened security risks. Risks that lead to more network downtime and data theft potential. Cybersecurity incidents can hit a retailer’s reputation hard, causing customers to switch allegiance to a competitor.
Smart DNS security offers the network visibility and analytics that retailers require for having the confidence to withstand potential cyber-attacks. Confidence in their capability to recover quickly and safeguard consumer data. While maintaining a good customer experience and keeping revenue flowing.
The retail sector has long been prone to cyberattacks. A while ago, credit card details of thousands of Macy’s consumers were compromised when cybercriminals used logins and passwords obtained from third-party sources to access online accounts, 40,000 Ticketmaster customers had personal and payment data stolen due to malicious software, and last year Guess suffered a ransomware attack involving the theft of customer data including passport, driving license and Social Security numbers.
As omnichannel retailers of all shapes and sizes attempt to enhance efficiency and boost sales by adopting the latest data-driven technologies, their attack surface expands significantly. Bad actors are being given immediate access to valuable information such as cards and PINs via Point-of-Sale (POS) systems, and any breaches on the POS itself lead to long checkout lines and missed sales. In addition, the trend of retailers getting into the healthcare and pharmacy businesses results in them holding increasing amounts of sensitive customer data, so retailers need to comply with regulations such as GDPR, PCI DSS, and NIS to avoid costly fines. Insider threats are also on the rise, due to the growth of new stores and distribution centers, high employee turnover, and seasonal employees at times such as holiday periods and Black Friday.
For disrupting networks or access to apps and services, as well as for exfiltrating data, DNS is a favorite target for cybercriminals, as shown in IDC’s 2022 Global DNS Threat Report. 87% of retail companies suffered DNS attacks, with each attack resulting in $832k damage costs on average and some costing over $5M. The most frequent DNS attack types include phishing, DNS-based malware, and cloud instance misconfiguration abuse. DDoS attacks are also of major concern for retailers, with 62% having suffered DDoS attacks of over 5Gb/s, the highest across all industries surveyed. Worst of all, the impact of attacks has risen for most categories, in particular data theft, brand damage, and cloud service downtime.
Impacts of DNS attacks on the Retail Industry
And what’s even more worrying are the countermeasures being used to mitigate the DNS attacks. 43% of retailers shut down their DNS server or service (highest across all verticals), causing loss of revenue for the business, 35% disabled the affected apps, and 27% shut down part of their network infrastructure. Use of more adaptive countermeasures would be advisable – ones that allow retailers to keep their business up and running – such as quarantining suspicious users to restrict their access while allowing legitimate traffic to pass.
Any disruption caused by network downtime or cybersecurity incidents is unacceptable for today’s digitally-enabled retailers, as failure to provide a consistent, integrated, and smooth shopping experience can lead to a customer rapidly moving over to a competitor. Effective cybersecurity has therefore become key for retailers, and with increased complexity caused by IT infrastructure in the cloud, network security teams are rushing to implement zero trust architectures (76% are already running or planning it, according to the IDC report).
When it comes to zero trust, DNS has a key role to play. Its visibility over network traffic intent makes it ideal for detecting threats early and thus preventing their movement across the infrastructure. Access to critical apps can be better controlled by the use of DNS filtering combined with allow and deny lists. System and application access by employees and third-party workers can therefore be tied to job functions and carefully planned and monitored, helping overcome privilege abuse. Unfortunately for retailers, only 47% are currently making use of this, which is far below the 71% in the financial services sector for example.
But on the upside, the importance of purpose-built DNS security is now well recognized in the retail industry, with 71% of retailers regarding it as critical for their security posture. DNS security is viewed as a critical component for overall cloud security (by 68% of respondents surveyed in the Threat Report) and also for IoT security (56%), while 59% see it as important for protecting their remote workforce.
Leveraging DNS to fight ransomware and data theft are another area highlighted by the IDC Report. Retail companies are the top users of DNS against malware and ransomware, with 64% already using DNS for that purpose. And 63% see monitoring and analysis of DNS traffic as the most effective method for preventing data theft from their network. Solutions such as EfficientIP’s DNS Guardian, for example, enhance the detection of data exfiltration via DNS thanks to the inspection of DNS traffic between the cache and recursive functions. Using user behavior analysis, data theft attempts can be thwarted very early, as compared with firewalls which are unable to detect exfiltration until several days or weeks later.
Retailers today are facing a new breed of criminals, ones who focus on stealing information rather than stealing money or physical goods from a store or warehouse, so it’s mandatory they have a comprehensive strategy in place to ensure their networks and infrastructures are secure at all times. DNS is a vital piece of any organization’s security ecosystem, hence needs to be suitably leveraged to enhance the protection of data, apps, and users. For retailers, in particular, their revenue and the future of their brand depend, on it!
When our goal is to help companies face the challenges of modern infrastructures and digital transformation, actions speak louder than words.
Explore content highlighting the value EfficientIP solutions bring to your network
To provide the best experiences, we and our partners use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us and our partners to process personal data such as browsing behavior or unique IDs on this site and show (non-) personalized ads. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Click below to consent to the above or make granular choices. Your choices will be applied to this site only. You can change your settings at any time, including withdrawing your consent, by using the toggles on the Cookie Policy, or by clicking on the manage consent button at the bottom of the screen.
We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site.