ISPs step up security management
Top four ISPs in USA, representing over 80% of consumer broadband, are announcing the adoption of new security precautions as advised by the FCC’s CSRIC.
CSRIC, for those of you that want to impress your geeky friends, is Communications Security, Reliability & Interoperability Council. Among the major commitments will be implementation of DNSSEC, botnet detection, client notification (when the botnet is detected) and route hijacking. Those that abide by the guidelines are placed on an FCC “white list” and here are the requirements:
- Education – an activity intended to help increase end-user education and awareness of botnet issues and how to help prevent bot infections
- Detection – an activity intended to identify botnet activity in the ISP’s network, obtain information on botnet activity in the ISP’s network, or enable end-users to self-determine potential bot infections on their end-user devices
- Notification – an activity intended to notify customers of suspected bot infections or enable customers to determine if they may be infected by a bot
- Remediation – an activity intended to provide information to end-users about how they can remediate bot infections, or to assist end-users in remediating bot infections
- Collaboration – an activity to share with other ISPs feedback and experience learned from the participating ISP’s Code activities
Sounds a lot like managed services, doesn’t it?
On the grand scale, this is just more of the MSPs responsibility being taken over by the larger providers and the cloud. On one hand, you could argue that this will impact the premium MSPs get for managing networks. However, this is just large providers policing their networks and there is still nothing (aside from the MSP) from making sure the clients network isn’t hijacked causing a major service interruption. Personally, all this does is raise awareness for the extent of the security problems and the cost it adds to IT overall.
Buy hey, it’s Friday.. take these suggestions and add them to the audit for your clients – are the firewalls secure? How about the DNS records, can they be transferred blindly? When was the last time passwords were changed, anywhere. ISP information, is there an updated contact sheet when it suddenly goes down or do we have to launch an investigation the next time issue comes up? The best network managers out there have this available to them instantaneously, do likewise.