By Jonathan Barnett, Webroot
While the proliferation of encrypted DNS is being driven by consumer privacy, businesses will want to take notice. Encrypted DNS – also known as DNS over HTTPS, or DoH – obscures internet traffic from bad actors. But it also has the potential to decrease visibility for IT admins whose responsibility it is to manage DNS requests for their organizations. So, what’s the solution? Strangely, DoH.
As previously mentioned, DoH is now the default for Mozilla Firefox. It’s also available in Google Chrome and other Chromium-based browsers. This is a win for consumers, who have newfound control over who can see where they’re going on the internet.
However, by surrendering control over DNS requests to the browser, IT administrators lose the ability to apply filtering to DNS requests. Encrypted DNS that skirts the operating system eliminates the visibility that IT admins need to ensure security for internet traffic on their networks. It also prevents the business from being able to run threat intelligence against DNS requests and identify dynamic malware that could circumvent consumer DoH implementations. This leads to gaps in security that businesses can’t afford.