AuDA cracks down on registrar system security

Powered by SC Magazine
 

Proposed standard a 'world first'.

Australian domain authority auDA is preparing to impose minimum IT security requirements on .au registrars.

The authority today released a draft of its Information Security Standard, which it said had been prepared "following a serious security incident involving an accredited registrar in mid-2011".

DistributeIT was hit by a malicious attacker in June last year. The system downtime affected a number of domain resellers.

In an issues paper (pdf), auDA said its security standard was "intentionally flexible" to operate within a range of business models.

It is intended that registrars will have to pass an independent vetting of their compliance with the standard every three years, along with more frequent "interim assessments". The frequency was being floated among industry members.

The standard would be phased in for existing registrars over the next two years.

Those who do not pass either interim or full compliance checks would be suspended and have three months to right their systems.

Accreditation could be terminated after this time "on the grounds that auDA can have no confidence in the registrar's ability to protect the security of their registry connection or their registrant data".

auDA is seeking input from the domain industry on the current security standard proposal.

Copyright © iTnews.com.au . All rights reserved.


AuDA cracks down on registrar system security
 
 
 
Top Stories
Photos: iTnews Benchmark Awards countdown begins
Just a few days left until entries close for 2014.
 
Australian Govt to rethink cyber security strategy
Six-year old policy to be refreshed.
 
The failure of the antivirus industry
[Blog post] Insights from AVAR 2014.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 1064

Vote