iTnews

AuDA cracks down on registrar system security

By Ry Crozier on Jun 8, 2012 1:24PM
AuDA cracks down on registrar system security

Proposed standard a 'world first'.

Australian domain authority auDA is preparing to impose minimum IT security requirements on .au registrars.

The authority today released a draft of its Information Security Standard, which it said had been prepared "following a serious security incident involving an accredited registrar in mid-2011".

DistributeIT was hit by a malicious attacker in June last year. The system downtime affected a number of domain resellers.

In an issues paper (pdf), auDA said its security standard was "intentionally flexible" to operate within a range of business models.

It is intended that registrars will have to pass an independent vetting of their compliance with the standard every three years, along with more frequent "interim assessments". The frequency was being floated among industry members.

The standard would be phased in for existing registrars over the next two years.

Those who do not pass either interim or full compliance checks would be suspended and have three months to right their systems.

Accreditation could be terminated after this time "on the grounds that auDA can have no confidence in the registrar's ability to protect the security of their registry connection or their registrant data".

auDA is seeking input from the domain industry on the current security standard proposal.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
au auda domain iss registrar security standard telco/isp telecommunications

Partner Content

What conversations should executives be having about cyber security?
Partner Content What conversations should executives be having about cyber security?
New Intel NUCs advancing mini-PC possibilities for business
Partner Content New Intel NUCs advancing mini-PC possibilities for business
Shut the door on ransomware
Promoted Content Shut the door on ransomware
Resetting cyber security for the new threat landscape
Partner Content Resetting cyber security for the new threat landscape

Sponsored Whitepapers

Is the technology refresh dead?
Is the technology refresh dead?
DevSecOps: A framework for digital innovation
DevSecOps: A framework for digital innovation
Encryption: Protect your most critical data
Encryption: Protect your most critical data
Overcoming data security challenges in a hybrid, multicloud world
Overcoming data security challenges in a hybrid, multicloud world
Move beyond passwords
Move beyond passwords

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • [Webinar] - Transformation versus compliance – a guide for CXOs
  • Masters of Microsoft Licensing
By Ry Crozier
Jun 8 2012
1:24PM
0 Comments

Related Articles

  • Geolocation threats rise following demonstration of router hacking that can pinpoint a person's home
  • Optus creates senior leadership role spanning national and cyber security ops
  • Govt, agencies struggle to contain scope creep fears around surveillance powers
  • Data retention 'ambiguity' sees cops given web browsing histories
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Aussie Broadband to white label its services

Aussie Broadband to white label its services

Vodafone hit by nationwide 4G outage

Vodafone hit by nationwide 4G outage

ATO loses its cyber security chief

ATO loses its cyber security chief

Virgin Australia rebuilds its IT leadership team

Virgin Australia rebuilds its IT leadership team

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.