In 2008, the Office of Management and Budget directed federal agencies to improve their domain name server (DNS) security by implementing DNS security extensions (DNSSEC), but 15 months later, many are still struggling to get there. The good news is that since OMB's December 2009 deadline passed, agencies are starting to catch up, taking advantage of both products and services coming on the market to make it easier to apply DNSSEC.
Agencies were "caught with their guard down because they were unprepared to deal with it," said Branko Miskov, director of product management at DNS appliance maker BlueCat Networks, which is working with several agencies on DNSSEC deployments.

"We've made pretty good progress, especially from December until now," said Derek McUmber, chief executive officer of Data Mountain Solutions Inc., a subcontractor to the General Services Administration, which supports agencies in implementing DNSSEC. About a third of federal agencies now have digitally signed their dot.gov sub-domains, he said, up from only 20% six months ago.

The link for this article located at Search Security is no longer available.