ITWire

Home Policy Regulation Overly onerous security policy could harm domain registrar market

Overly onerous security policy could harm domain registrar market

Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


A proposal by auDA to impose tight security requirements on domain name registrars has gained wide approval but the head of the largest registrar, NetRegistry, warns that it could be overly onerous, and drive smaller registrars out of the market.

The proposal is one of a raft of issues canvassed by the auDA advisory panel in an issues paper released in June, submissions to which closed last Friday, 20 July.

The paper notes that: "Under the Registrar Agreement, all registrars are obliged to immediately give auDA notice of any security breaches affecting any part of their systems. There are currently no other requirements in relation to registrar security."

The move to beef up security requirements on registrars was precipitated by the 2011 hacking of registrar distribute.IT, which destroyed the company. According to a report in The Australian at the time, the hackers chose the quite time of a Saturday night on June 11 to launch a highly sophisticated attack which wiped out distribute.IT's hard drive address blocks.
"Without these address tables, disk storage content containing the web-hosting files of thousands of distribute.IT customers were rendered unreadable. To ensure data could not be recovered, the hackers then turned their attention to destroying the company's backups."

This incident prompted auDA to draft an Information Security Standard (ISS) "to assist registrars to manage and improve the security of their own businesses in a way that also protects the integrity and stability of the .au domain space," and a registrar certification process. Together they form the draft auDA ISS Compliance Policy.

NetRegistry CEO, Larry Bloch, told iTWire "The discussion paper is very onerous for registrars and I think it may be overkill, There is a myriad of requirements on registrars from audits of their systems to escrow of information to regular monitoring."

CONTINUED

You can read more stories on telecommunications in our newsletter ExchangeDaily, click here to sign up for a free trial...

RECRUITMENT & RETENTION REPORT 2013

HIRE OR FIRE? BUY OR BUILD

2013 is well underway and Australian companies need to know whether they should invest in IT skills training or pay a premium for the people they need.

If you want to know which choices are being made in your sector, what skills are hard to find, which sectors intend to hire or fire and where the IT spend is going, this free report is must have.

GET YOUR REPORT NOW

Stuart Corner

 

Tracking the telecoms industry since 1989, Stuart has been awarded Journalist Of The Year by the Australian Telecommunications Users Group (twice) and by the Service Providers Action Network. In 2010 he received the 'Kester' lifetime achievement award in the Consensus IT Writers Awards and was made a Lifetime Member of the Telecommunications Society of Australia. He was born in the UK, came to Australia in 1980 and has been here ever since.

More in this category: « Apple is required to state Samsung didn't copy the iPad on their website Secure framework may be year away: auDA »
back to top


Services

Company

Community

Connect

http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=tf&c=19&mc=imp&pli=5460041&PluID=0&ord=[2000]&rtu=-1