Cybersecurity professionals lament losing of access to WHOIS database
January 4, 2019
[EXCERPT] One of the tools that cybersecurity professionals have historically relied on is access to a WHOIS database, a publicly shared list of records relating to domain names that includes the dates when these were registered, updated, or are due to expire as well as contact details such as the names of individuals or organizations, physical location, phone number, and email address of the domain owners and the IT staff tasked with maintaining them.
But now much of that data is being removed to comply with the mandates of the General Data Protection Rule (GDPR) rule enacted by The European Union. Without access to that data it becomes a lot more challenging to white list domains of known trusted entities versus all the fake domains that cybercriminals rely on to launch malware that needs to communicate back to a command and control mechanism somewhere on the Web.
WHOIS provides valuable information that gives cybersecurity analysts a fair amount of context in terms of how likely it is that a given domain is good or bad, notes Harold Byun, vice president of products and marketing for Baffle, a provider of data encryption tools. Restricting access to this information results in a valuable loss of information that cybersecurity teams can use in their arsenal to counter attackers, adds Byun …
Join our newsletter
Schedule a Demo with the Baffle team
Meet with Baffle team to ask questions and find out how Baffle can protect your sensitive data.
Easy
No application code modification required
Fast
Deploy in hours not weeks
Comprehensive
One solution for masking, tokenization, and encryption
Secure
AES cryptographic protection
Flexible
No impact to user experience