Tag Archives: Canadian Internet Registration Authority

CIRA Provides Ultimate Domain Name Security Checklist

The importance of keeping ones domain name secure is something that many organisations and people take for granted. With .ca domain names in mind, but also being applicable to all domain name registrants, the Canadian ccTLD manager CIRA has provided a handy Ultimate Domain Name Security Checklist.

CIRA note “it can be easy to forget just how many applications rely on the DNS to function, and how critical domain names are to the entire internet ecosystem.”

“If you manage a .CA domain name, or any other domain name, it is critical to understand just how central they are to both the functioning of your business and the security of your systems. No matter how small your business is or how insignificant some of your domains may be, if they become compromised they can cause headaches that spread throughout your ecosystem. Even old, unused domains can be used by hackers to infiltrate or embarrass your organization.”

The guide has a checklist of the following records domain name registrants should keep and actions they should take:

  • Where is your domain name registered? Take note of the registrar name and their website.
  • Is two-factor authentication enabled? If not, do it.
  • Who is the DNS provider? Is it the registrar default, a third-party provider?
  • Does the DNS provider have two-factor authentication? If they do, enable it. If not, consider finding one that does.
  • Is the Internal Master DNS service not available for queries? This means the DNS is unable to answer requests over any port except to the external/secondary DNS provider.
  • Is the Internal Master DNS service running latest software? If not, find out why.
  • Do you have a secondary DNS provider? A backup DNS helps protect against DDoS attacks, if your domain name is mission critical you should have one.
  • Does your secondary DNS provider have two-factor authentication enabled?
  • Does your secondary DNS provider have Transaction Signatures (TSIG) enabled?
  • What is the TTL (time to live) for your zone file?
  • Does your domain require an Extended Validation (EV) SSL certificate? Is it enabled?
  • What is the renewal date for your SSL certificate?
  • Who is the registrant contact on your domain? Is their contact information up to date?
  • Who is the technical contact on your domain? Is their contact information up to date?
  • Who is the administrative contact on your domain? Is their contact information up to date?
  • Have you whitelisted the emails coming from your registrar and registry so you can get critical security and technical updates?
  • Do you know who has administrative access to your domain registrar? Make a list and keep it updated.
  • What is the renewal date of your domain? Do you have auto-renew enabled?
  • Have you reviewed the policy rules of your registrar and registry?
  • Have you audited your DNS zone records?
  • Do you have your primary zone file backed up, control tested and working?
  • Is your domain locked at the registry?
  • Do you have your domain name registration records on file? Backed up?
  • Do you have your domain name billing records on file?
  • Do you have any trademark and/or public documents associating you with the domain name on file? Backed up?
  • Do you have any legal document relevant to your domain name on file? Backed up?

The original version of the checklist on CIRA’s website was created in HTML allowing for copy/paste directly into Github, Jira, Confluence, or wherever else workflow is managed. CIRA recommend reviewing and updating once a year.

In their post, CIRA acknowledge the “checklist is pretty exhaustive—some would say it’s the ultimate—if you would like dive deeper into domain name security, we suggest you take a look at A Registrant’s Guide to Protecting Domain Name Registration Accounts from ICANN’s Security and Stability Advisory Committee (SSAC).”

“Our friends at Akamai also recently published a great guide: Protecting your domain names: Taking the first steps. It goes into detail on a few of the items in our checklist and has some great insight.”

To copy/paste the original of the checklist, go to the original version on the CIRA website here.

CIRA Publishes Report On Canadian Perspective On Fake News, Privacy, Cybersecurity And Internet Access

The Canadian Internet Registration Authority (CIRA) released a research report last week displaying Canadians’ opinions and experiences regarding the internet and fake news, privacy, cybersecurity and access. Based on a survey of over 1,200 Canadian internet users in December 2018, the report highlights areas of concern, including apprehension around the upcoming Canadian federal election. The report also indicates what Canadians want from industry, the Canadian government and citizens themselves to create a better internet in Canada.

CIRA’s report offers several recommendations to improve Canada’s internet, including enhanced investments by the Canadian government, actions around cybersecurity and privacy that Canadian businesses can take right away and opportunities for Canadian citizens to improve the internet they rely on every day.

“With the rise of misinformation online and threats to digital privacy and cybersecurity, Canadians are demanding more of government, industry and others when it comes to Canada’s internet,” says CIRA’s CEO Byron Holland. “The question that remains is how best to give Canadians what they want, while maintaining the open, interoperable internet that has become ubiquitous in the lives of most Canadians.”

The report comes out in the lead up to the upcoming
Canadian Internet Governance Forum, taking place this week in Toronto, where internet stakeholders from across the country will meet to discuss these key issues. CIRA is a sponsor, co-organiser and participant.

“There are some basic actions that can be taken today to increase Canadian privacy and security online,” says Jacques Latour, CIRA’s chief security officer. “Canadian businesses must learn and follow privacy laws and make cybersecurity a priority. Governments must invest and participate in local infrastructure such as Canadian internet exchange points to keep data local, and Canadians must learn to spot and avoid personal cyber threats such as phishing emails.”

“With a federal election around the corner, fake news is a real concern and Canadians agree,” says David Fowler, CIRA’s vice president of marketing and communications and vice-chair of MediaSmarts board of directors. “Canadians see social media companies, the government and journalists as key players to halt misinformation online. But citizens themselves have a role to play and increased investments in media literacy will help Canadians spot fake news and thereby thwart its influence.”

To read the full report visit cira.ca/betterinternet.

Some of the key facts on Canadian internet users highlighted by CIRA are:

Of Canadian internet users:

Social media and fake news

· 75% say they come across fake news at least sometimes

  • 57% have been taken in by a fake news item.

· 70% are concerned that fake news could impact the outcome of the next federal election.

Privacy

· 72% are willing to disclose some or a little personal information in exchange for a valuable/convenient service.

· 87% are concerned that businesses with access to customers’ personal data willingly share it with third parties without consent.

· 86% believe it is important that government data, including the personal information of Canadians, be stored and transmitted in Canada only.

Cybersecurity

· 87% are concerned about a potential cyberattack against organizations with access to their personal data.

· Only 19% say they would continue to do business with an organization if their personal data were exposed in a cyberattack.

· 78% are concerned about the potential security threats related to the Internet of Things.

Access

· 69% believe the high cost of internet services, including for mobile data, is hurting Canada’s economy and prosperity.

· 83% believe that universal access to high-speed internet is important for Canada’s overall economic growth and prosperity.

· 70% agree that the Canadian government should be doing more to support public access to high-speed internet.

Internet governance

· 75% say they only know a little or hardly anything about the topic of global control and regulation of the internet.

· 50% are concerned that the global internet could fracture into regional blocks that adopt very different regulatory principles and policies.

  • 66% support the principles of net neutrality.

CIRA Adds .CL and .SG As Clients of Their D-Zone Anycast DNS Service

CIRA announced Monday it has added 2 new ccTLD partners for its D-Zone Anycast DNS service – Singapore (.sg) and Chile (.cl), taking to 10 ccTLDs that use the service, as well as adding 2 new global nodes in Brazil and Japan – as the company best known as the manager of the Canadian ccTLD .ca continues  to spread its wings.

The addition of Singapore Network Information Centre (SGNIC), the country code top level domain manager for .sg and NIC Chile, who manages .cl, adds 180,000 and 570,000 domain names under management respectively to its service.

CIRA now has 25 nodes across the globe providing a robust network that powers D-Zone Anycast DNS for their ccTLD customers which answers approximately 180 million DNS queries per day for its TLD customers to help provide greater resiliency to their networks.

The 10 ccTLDs that now use CIRA’s D-Zone Anycast DNS are .cl, .cr (Costa Rica), .dk (Denmark), .nl (Netherlands), .nu (Niue), .nz (New Zealand), .pt (Portugal), .se (Sweden), .sg and of course Canada’s .ca. D-Zone Anycast DNS answers queries for nine percent of all global ccTLDs domain names.

DNS Anycast technology deploys identical DNS servers in different locations often in different countries. It means that when a node is taken offline, due to maintenance or for nefarious reasons, the end user doesn’t notice and DNS services continue. During a cyberattack, with nodes deployed around the world one node can bear the brunt of an attack leaving others unscathed. For businesses, DNS Anycast services can be deployed to improve performance of websites and load times for web pages. With multiple nodes, the customer is closer to a node and performance improved.

“We were looking for DNS partner with a global reputation and solid infrastructure. We found that partner in CIRA and look forward to a productive relationship,” said Queh Ser Pheng, General Manager of SGNIC.

“CIRA’s global reputation in the ccTLD community provided us with the confidence that we could trust them with our DNS. Our customers demand the highest standards of uptime and security and D-Zone Anycast DNS helps us deliver that,” said Eduardo Mercader Orta, Director of Operations, NIC Chile.

“CIRA is proud to partner with ccTLDs to provide a stable, secure, high performance DNS. Starting with DNS, our relationships have expanded to be true partnerships that include collaboration and information sharing with our ccTLD peers around the globe,” said Mark Gaudet, DNS Program Manager, CIRA.

CIRA Canadian Cybersecurity Survey identifies disconnect between awareness and actions

The Canadian Internet Registration Authority (CIRA) has released its 2018 CIRA Cybersecurity Security Survey which provides an overview of the Canadian cybersecurity landscape.

For the survey, CIRA, the .ca country code top level domain (ccTLD) registry, surveyed 500 individuals with responsibility over IT security decisions at small and medium-sized businesses across Canada to learn more about how they are coping with the increase in cyber threats. The sample included both business owners and employees who manage information technology.

“A key element of building a better online Canada is ensuring Canadians have safe, secure internet access,” said Byron Holland, president & CEO, CIRA. “Through our experience in managing the .CA domain for Canadians, we hope to help lend our expertise in safeguarding Canada’s internet so that Canadian businesses can thrive online.”

In partnership with CIRA’s technology partner, Akamai Technologies, the full report has been released to coincide with Small Business Week in Canada.

“Training and awareness are critical to ensuring your business is cyber-secure,” Jacques Latour, chief security officer, CIRA. “No matter how great your IT team is, anyone with a network-connected device can be the weak point that brings your business down.”

The report’s key findings are:

  • 40 per cent of respondents experienced a cyberattack in the last 12 months. One in ten experienced 20 or more attacks.
  • Among larger businesses with 250-499 employees, the number who experienced an attack increases to 66 per cent
  • 67 per cent of respondents outsource at least part of the cybersecurity footprint to external vendors.
  • While 59 per cent of respondents said they stored personal information from customers, 38 per cent said they were unfamiliar with PIPEDA.
  • One-third of respondents indicated that the most significant impact of a cyberattack is the time and resources required to respond to the incident.
  • 88 per cent of respondents were concerned with the prospect of future cyberattacks, which resulted in 28 per cent suggesting they would add cybersecurity staff in the next year
  • Although 78 per cent were confident in their level of cyber threat preparedness, 37 per cent didn’t have anti-malware protection installed and a shocking 71 per cent did not have a formal patching policy – exposing these organizations to massive security holes
  • Only 54 per cent of small businesses provide cybersecurity training for their employees even though the most common form of malware seen by our respondents, phishing attacks (42 per cent), directly exploit employees as a point of weakness

Read the full report: https://cira.ca/2018-cybersecurity-survey-report

CIRA Explains Why Registering ccTLD Domains Benefits the Local Internet Community

Registering domain names in a country code top level domain often has benefits to that country’s local internet community. In the case of Canada’s ccTLD, Byron Holland, President and CEO of CIRA who manages .ca, recently explained how in a post on the company blog. Continue reading CIRA Explains Why Registering ccTLD Domains Benefits the Local Internet Community

Canada’s ccTLD Grows 5.3% in 12 Months, Almost Double Global Average

Canada’s ccTLD, .ca, had a bumper year in 2017/18, growing by 5.3% in the 12 months to the end of March to 2,736,980 domain name registrations making it one of the fastest growing ccTLDs. This compares to the overall the domain name market in Canada which grew at 1.35% while globally ccTLDs (in 2017) grew 2.4%.

Not only are registrations growing rapidly for the country code top level domain, total registrations for the 12 month period hit a record 537,941 registrations compared to the previous high of 511,900 in FY12.

“As the stewards of the .CA domain worldwide, we are thrilled to see that Canadians are embracing their national identity online,” said Byron Holland, president and CEO, CIRA. “We are proud to represent our country on the global internet stage and to help build a better online Canada.”

Canada’s ccTLD is managed by the Canadian Internet Registration Authority (CIRA) and it enforces a strict Canadian Presence Requirement that ensures only residents, businesses or organisations in Canada can register a .ca domain. As part of its mandate to build a better online Canada, CIRA provides over one million dollars in grants every year to digital projects across Canada as part of its Community Investment Program.

CIRA partners with Akamai to enhance cybersecurity solutions for Canadians

Today, the Canadian Internet Registration Authority (CIRA) announced it has signed an agreement with Akamai Technologies to license Akamai’s DNS security-enabling solutions to power D-Zone DNS Firewall.

This partnership, which builds upon the previous agreement between CIRA and Nominum (acquired by Akamai in 2017), will allow CIRA to continue to expand its leadership position in DNS-based cybersecurity solutions in Canada, and also provides Akamai the opportunity to expand its Canadian presence.

Key facts

  • D-Zone DNS Firewall is powered by Akamai’s DNS Infrastructure and Security and Personalization Services (SPS) solutions, and blocks 1 million domains every month for customers in Canada.
  • In less than a year, CIRA has added more than 800,000 active users to its D-Zone DNS Firewall service.
  • D-Zone DNS Firewall has been received enthusiastically in institutional sectors such as education, health care, and municipalities and is gaining momentum among small and medium-sized businesses in Canada.
  • The recent launch of the D-Zone DNS Firewall e-store provides small businesses with the ability to get up and running with comprehensive malware protection in minutes.
  • The DNS plays a key role in a comprehensive defense-in-depth cybersecurity strategy as 91 percent of all malware uses the DNS for command and control. DNS protection neutralizes malware.
  • CIRA recently published its first annual Canadian Internet Security Survey to further solidify its position as a cybersecurity thought leader in Canada.

Executive quotes

As the world’s largest and most assigned cloud delivery platform, we seek out partners that share our commitment to safe, stable, secure digital experiences. CIRA is a recognized leader in providing those experiences, and we look forward to working with them to bring important and valuable Internet security services to Canada.

Richard Blatt, Business Development Director, Akamai Technologies

As the stewards of the .CA domain, we understand that only by thinking globally can we help build a better online Canada. The majority of threats come from outside our borders, which is why we have combined Akamai’s global cloud security platform with CIRA’s unique knowledge of the Canadian cybersecurity landscape to build a product that protects organizations of all sizes and sectors from malware and ransomware.

Dave Chiswell, VP of product development, CIRA

Additional resources

About the Canadian Internet Registration Authority

The Canadian Internet Registration Authority (CIRA) manages the .CA top-level domain on behalf of all Canadians. CIRA also develops technologies and services—such as D-Zone DNS Firewall—that help support its goal of building a better online Canada. The CIRA team operates one of the fastest-growing country code top-level domains (ccTLD), a high-performance global DNS network, and one of the world’s most advanced back-end registry solutions.

About Akamai

As the world’s largest and most trusted cloud delivery platform, Akamai makes it easier for its customers to provide the best and most secure digital experiences on any device, anytime, anywhere. Akamai’s massively distributed platform is unparalleled in scale with over 200,000 servers across 130 countries, giving customers superior performance and threat protection. Akamai’s portfolio of web and mobile performance, cloud security, enterprise access, and video delivery solutions are supported by exceptional customer service and 24/7 monitoring. To learn why the top financial institutions, e-commerce leaders, media & entertainment providers, and government organizations trust Akamai please visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter.

This CIRA announcement was sourced from:
https://cira.ca/press-releases/cira-partners-akamai-enhance-cybersecurity-solutions-canadians

CIRA Accelerates Innovation for Non-Profits with Amazon Web Services

Canadian Internet Registration Authority CIRA logo[news release] As part of its ongoing mission to build a better online Canada, the Canadian Internet Registration Authority (CIRA) today announced that it is the first Canadian public sector incubator to take advantage of the broad programs available from Amazon Web Services (AWS) for Canadian public sector startups.

Projects from CIRA’s Community Investment Program will now have access to a variety of AWS programs to help scale up online activities and accelerate the delivery of new products and services.

The Community Investment Program gives back by funding innovative community projects to build a stronger, safer and more accessible internet for all Canadians. The program has built new infrastructure, helped grow Canada’s capacity in digital literacy, enabled non-profits to deliver online services, and better equipped academic researchers to address emerging digital issues.

Key Facts

  • Since launching in 2014, the Community Investment Program has distributed $4.2M in funding to more than 100 projects.
  • The Community Investment Program is entering its fifth year and will be accepting new project applications on January 15.
  • With the AWS Canada Region in December 2016, AWS can host Canadian data in Canada which is essential for many public sector applications.
  • This relationship bolsters the existing $1 million in annual Community Investment Program funding provided by CIRA with in-kind technology and support services that can add up to five per cent to the value of the program.

Executive quotes

We are thrilled that Amazon Web Services is supporting our vision to build a better online Canada. Our Community Investment Program is at the heart of our mandate, and the AWS programs will allow our partners to continue to bring forward innovative projects that improve access, security, and quality of the internet in Canada.

Byron Holland, president & CEO, CIRA

We are passionate about supporting the Canadian startup community, and are proud to help the Community Investment Program by offering the right tools for the right jobs that allow public sector startups to scale and invent.

Jeffrey Kratz, General Manager, Latin America, Canada & Caribbean Regions, Amazon Web Services

Additional resources

For more information on the Community Investment Program visit: https://cira.ca/community-investment-program

About CIRA

The Canadian Internet Registration Authority (CIRA) manages the .CA top-level domain on behalf of all Canadians. A Member-based organization, CIRA also develops and implements policies that support Canada’s internet community, and represents the .CA registry internationally.

This CIRA news release was sourced from:
https://cira.ca/cira-accelerates-innovation-non-profits-amazon-web-services

CIRA Adds .SX To The TLDs It Provides Registry Services For

Canadian Internet Registration Authority CIRA logoCanada’s ccTLD registry, the Canadian Internet Registration Authority (CIRA), has now added .sx (Sint Maarten) to its Fury Registry Platform. CIRA has been on a bit of a “acquisition” role recently with this week’s adding to a number of similar recent announcements.

Wednesday’s announcement says SX Registry SA, who operates the .SX country code top level domain on behalf of the Sint Maarten government, is now running on CIRA’s Fury Registry Platform.

“While we chose the Fury platform due to its advanced features and stability, what truly amazed me was how seamless the migration was,” said Normand Fortier, CEO, SX Registry SA. “As a business person and especially as a registry, I cannot afford downtime, and the CIRA transition team exceeded my most optimistic expectations.”

CIRA describes their Fury Registry Platform as a next-generation TLD management platform with features and functionality designed for the modern TLD business. Fury features a modern interface with role-based access to key registry functions that provide flexibility in pricing, promotion, and domain management to help operators run their business and grow their registry.

Another of the benefits that CIRA touts is Fury’s tags feature—an industry first—enables operators to apply advanced business rules to individual domains or domain groupings to make adjustments to pricing and promotions in real-time.

The migration to Fury took less than 30 days, and was executed seamlessly by the CIRA transition team. Another to have migrated to Fury was .KIWI who adopted the platform last year.

“We developed the Fury Registry Services Platform with the flexibility and agility to manage any modern TLD business,” said Dave Chiswell, Vice President of Product Development, CIRA. “The TLD market is rapidly evolving, and accompanied by the support of CIRA, the FURY platform provides operators with a set of next-generation tools to compete and win.”

The consolidation of registry services is a bit of a global trend as registry operators look for partners to provide services rather than provide bespoke services every time. CIRA has been aggressive in seeking partners and in late October announced Uniregistry and SIDN had signed on to receive CIRA’s D-Zone DNS services for their TLDs. These announcements have followed announcements in February of 2 other joint ventures with the New Zealand and Portuguese ccTLD registries, InternetNZ and Associação DNS.PT, to deliver Anycast DNS services.

Domain Pulse has previously reported of SIDN who manages the .nl (Netherlands) ccTLD with more than 5.7 million domains under management, has itself been branching into other services. Speaking at the Domain Pulse conference in Vienna in February SIDN’s Michiel Henneke said the registry has been experimenting with opportunities in similar areas.

“DNS is required for e-billing so SIDN became a co-creator of a DNS billing service in the Netherlands, but there are few other markets that are as attractive when it comes to revenue as domain names and the e-billing service is just a small part of revenue. We’ve also taken over an e-identity company with 12 million users, so we believe this will be a significant contributor to future revenue.”

Registry Consolidation Continues as SIDN and Uniregistry Choose CIRA to Enhance DNS Security and Performance

Canadian Internet Registration Authority CIRA logoThe top level domain business continues to consolidate as registry operators look for partners to provide services rather than provide bespoke services every time. One of those registries that has recently been aggressive in seeking partners is CIRA, the registry operator for the Canadian ccTLD, who this week announced Uniregistry and SIDN have signed on to receive CIRA’s D-Zone DNS services for their TLDs.

Both partnerships were announced at the ICANN public meeting currently underway in Abu Dhabi and follows the announcement in February of two other joint ventures with the New Zealand and Portuguese ccTLD registries, InternetNZ and Associação DNS.PT, to deliver Anycast DNS services.

SIDN who manages the .nl country code top level domain (ccTLD) for the Netherlands, with more than 5.7 million domains under management, has itself been branching into other services. Speaking at the Domain Pulse conference in Vienna earlier this year SIDN’s Michiel Henneke said the registry has been experimenting with opportunities in similar areas.

“DNS is required for e-billing so SIDN became a co-creator of a DNS billing service in the Netherlands, but there are few other markets that are as attractive when it comes to revenue as domain names and the e-billing service is just a small part of revenue. We’ve also taken over an e-identity company with 12 million users, so we believe this will be a significant contributor to future revenue.”

Uniregistry, the other partner, operates .ky, the Cayman Islands ccTLD, along with 25 new generic top level in domains (gTLDs) in the global marketplace, including .link, .game, .mom and .photo.

The CIRA D-Zone Anycast DNS that the registries have signed up to use is built for resilience with a strong footprint at each node across a global, well-peered network that is recognized as best-in-class by some of the most discriminating buyers in the industry.

CIRA’s solution started with the needs of the .CA TLD at its heart, and is now finding great partners around the world who are committed to building a better internet for their users.

Establishing one or more secondary DNS footprints is considered an internet infrastructure best-practice that can help to mitigate the risks posed by DDoS that increasingly focus on DNS providers, where they can do the most damage. The DNS is fundamental to ensuring that websites, email, and web applications remain online and optimized for performance.