Security Strategy, Plan, Budget

Holiday folly for retailers with DNS glitches

If your network went down for five minutes, what would the impact to your business be?

What if it went down for an hour? A day?

A recent survey commissioned by VeriSign found that more than half of midsize and large enterprises with dedicated IT staff have experienced network downtime in the last year. Sixty-five percent of those downtime incidents were attributed to domain name system (DNS) failures and/or cyberattacks. Surprisingly, those with larger IT budgets, more website visitors and a dependency on their websites for more than 50 percent of annual revenue were more likely to say they experienced downtime from a DNS failure.

DNS effectively serves as the “front door” for any website to let in users and customers wanting to conduct internet transactions. The entire process generally happens in a few tenths of a second and is transparent to the end-user.

Thus, no one really cares about DNS until it stops working, but that's when it is too late. Losing DNS service effectively removes one's site from the web.

For a major e-commerce company, just one minute of DNS downtime can result in millions of dollars of lost revenue and erosion of brand and customer satisfaction. For a small business with limited resources and technical expertise, downtime can mean the end.

According to Joseph Finsterwald, chief technology officer for Karamaloop.com, in a recent Internet Retailer article, “Failure of our site could have potentially cost us $50,000 to $100,000 per hour of outage during peak traffic.”

Jennifer Pigg, a Yankee Group vice president and analyst, said, “Increasingly, organizations rely on e-commerce as a main or primary revenue stream and are dependent on their external network for mission-critical corporate functions, such as customer service, sales and support. They realize they cannot afford to see DNS go down or suffer a security breach.”

Yet, the Yankee Group estimates that more than 85 percent of enterprises that manage DNS in-house (the method used by the majority of e-commerce sites) do not have dedicated staff, but instead manage the technology on an ad-hoc basis, with limited expertise and few defined operational processes.

This is very risky, especially in the current cyber landscape where criminals and bored teenagers are looking for any outlet to disrupt operations of the largest and smallest businesses.

This is especially true during the busy holiday shopping season that is fast approaching.

ComScore reported that the 2010 U.S. online holiday shopping season was the largest yet, with almost $33 billion in retail e-commerce spending during November and December. That's a 12 percent increase in spending over the previous year and it's expected to be even higher this year as consumers look to online sales, free shipping specials and ease of online comparison shopping to fill their stockings.

But for those e-tailers with DNS glitches, this holiday season could be more folly than jolly.

E-commerce companies must take a step back now and evaluate the health of their DNS. Comprehensive management requires careful planning, substantial expertise, and considerable resources. Unfortunately, most companies do not recognize weaknesses in their existing DNS infrastructure until it is too late and they have suffered lost productivity and revenue.

It's true that a growing trend for companies of all types is to implement managed DNS services, either as a primary management strategy, or as a secondary service which provides a fail-safe in the event that the primary DNS infrastructure fails. These services generally have tools and capabilities that help secure the network, improve availability, and enhance performance that – in most cases – enterprises cannot afford to duplicate on their own.

If you decide to investigate DNS hosting services, here are a few things to consider:

  • Does the provider have a global footprint?  Most DNS companies have a good presence in the United States, but performance can suffer if their infrastructure is lacking around the rest of the world.
  • What's the provider's track record? Some DNS providers have been down during the critical holiday season when e-commerce sites need them the most.  
  • Is the provider secure? With the growing number of compromises, e-commerce sites must be extremely diligent about the security of their infrastructure. Therefore, it is critical that your DNS provider has support for advanced security features, like two-factor authentication for login. 
  • Can the provider protect you from a distributed denial-of-service (DDoS) attack? DDoS attacks are becoming increasingly prevalent (especially for e-commerce sites).
Sean Leach

Sean is the Chief Product Architect at Fastly, where he focuses on building and scaling products around large scale, mission critical infrastructure. He was previously VP, Technology for Verisign, where he provided strategic direction along with product and technical architecture and was a primary company spokesperson. Sean was previously CTO of name.com, a top 15 domain registration and web hosting company as well as a Sr. Director at Neustar.
He holds a BS in Computer Science from the University of Delaware. His current research focus is on DNS, DDOS, Web/network performance, Internet infrastructure and combating the massive internet security epidemic.

Related

A guide to getting the right cyber insurance

It’s more challenging for organizations to get cybersecurity insurance, and when they do manage to get insured the premiums are steep. It also turns out that not all policies cover ransomware, the leading cause of cyber insurance claims.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.