The Australian Strategic Policy Institute (ASPI) recently launched .auCheck to help internet users check their website, email and internet connections for use of the latest and most secure internet standards. It’s aimed at .au domain names but appears to be able to check domain names in any top-level domain. And the .au policy and regulatory body, auDA, and registry, Afilias, don’t come out well.
The free service can check if a website and email are set up correctly. ASPI says the service aims to empower users, in particular Australian small businesses, to ask the right questions and choose the right level of services from their providers, including adequate security settings.
.auCheck will enable users to have an informed discussion with their IT support, internet service provider, domain registrar, webhosting company or IT contractor to improve the security standards of their website, email or internet connection and facilitate the adoption of best practice internet standards.
Standards that are checked by the .auCheck tool include:
- Encryption methods (to ensure the secure transfer of information over the Internet);
- Ways to authenticate website and mail servers (to ensure internet users are dealing with genuine website and email accounts);
- Security of domain names (to allow domain names to be verified);
- Security of website applications (to prevent insertion of malicious code or unauthorised access);
- Protection against phishing through email from fake accounts.
- Following the test, .auCheck offers users advice on additional steps they can take to bring their website and email domains up-to-standard.
Checking the .au policy and regulatory body’s website auDA.org.au, who collaborated with ASPI on the development of the service, gets a “getting there” result with “6 things to check” when it comes “encryption and authenticity of web server” while there are another “3 things to check” for “security of website applications.
But when it comes to the registry’s website, it appears to be a total failure. The afilias.com.au check reveals “19 things to check” regarding the “encryption and authenticity of web server”, “4 things to check” for “security of website applications” and “2 things to check” when it comes to “adoption of Internet Protocol v6”.
Fergus Hanson, Director of ASPI’s International Cyber Policy Centre, believes .auCheck will be a valuable practical contribution to the work Australian governments, industry and internet organisations are already doing to raise awareness of the need to be cyber secure.
‘We hope .auCheck will give Australian businesses practical advice to improve the security and reliability of their online presence. The tool also empowers every Australian to check for themselves the security of the websites they visit.
‘The idea for .auCheck came from discussions with international partners in the UK and the Netherlands who pioneered similar tools. We’re very grateful to the Dutch Internet Standards Platform and for the support of auDA which allowed us to develop .auCheck in a way that fits the Australian context.’
Over time ASPI believes the aggregated test results will deliver an understanding of the security standards being used by individuals, businesses and organisations in Australia.