Cybersecurity for the Non-Technical Person, Part 3
Dr. Lynne Williams, Purdue University Global Faculty, MSIT and MSCM Programs
Most Internet users are blissfully unaware of the infrastructure that allows them to send and receive email, watch Netflix™, update their Facebook™ feed, and a thousand other digital tasks. While it isn’t necessary that they be tech gurus to use all of their connected devices, when considering cybersecurity, it helps to know a bit about how the general infrastructure operates.
DNS
Humans speak in character-based languages, but computers and networks much prefer to use numbers. When you type www.google.com into your browser’s search box, the browser and the network it’s using aren’t paying the slightest attention to the words. Instead, they are looking for a list that maps the word to a number. That’s the core concept of the Domain Name System [DNS].
The number that the browser is trying to find is an IP address, as we discussed in the second installment. It’s a bit like looking through the phonebook at a list of names and finding a phone number. DNS is what makes the internet and World Wide Web work; otherwise, we’d all have to know the IP address of any web page we wanted to visit. DNS is, effectively, the world’s largest phonebook with the IP address of all internet-connected devices, web pages, and web apps. DNS does have some security vulnerabilities. It’s easy to “spoof” an IP address such that the user is sent to a malicious website. Systems that store a cache of DNS addresses can be “poisoned” to deliberately misdirect unwary users.
Protection
So how do you protect yourself from being hijacked onto a malicious website? The answer is remarkably easy: use a DNS service such as OpenDNS. OpenDNS, as well as Google DNS, Comodo Secure DNS, and Norton ConnectSafe, all maintain a secured group of DNS servers that are specially designed to detect spoofed or fraudulent DNS resolutions. All you have to do is use one of these secured DNS services, rather than the DNS addresses used by your Internet Service Provider [ISP].
Many DNS services are free (look for OpenDNS Personal, Google DNS is always free) and only require a minute or two to set up as there’s nothing to install: OpenDNS Setup Instructions If you set up a DNS service on your internet modem, the service will protect every device that connects to it. You can also set up a DNS service on individual devices; the choice is up to you. While using a DNS service isn’t a substitute for running updated anti-malware software, it’s a powerful, transparent way of adding another layer of cybersecurity to your virtual office and devices.