Analysis Conducted By Secure64 Reveals World’s Leading Banks and Financial Services Organizations Have Not Yet Taken Basic Steps Toward More Secure DNS Infrastructure

DENVER – August 7, 2012 – Secure64 Software Corporation has completed a technical analysis of the world’s largest banking and financial institutions that reveals an industry-wide lack of progress in implementing security protocols that protect against fundamental vulnerabilities in the infrastructure that powers the Internet. The study of nearly 300 financial institutions in the United States and around the world determined that none of these organizations have implemented Domain Name System Security Extensions (DNSSEC), which have been endorsed as a critical element to secure cyberspace by a long list of organizations around the world including the FCC, the White House, the Department of Homeland Security, ICANN and many others.

Domain Name System Security Extensions (DNSSEC) provides authentication of the origin of DNS data, assurance of data integrity, and authenticated denial of existence – the three elements necessary to increase the security of the Internet’s DNS infrastructure. DNSSEC protocols have been embraced and implemented by the U.S. government and Internet infrastructure operators, but the financial services industry is behind the curve on protecting its DNS infrastructure and customers. Recent milestones in this momentum behind global adoption of DNSSEC includes U.S. federal government agencies’ implementing the security protocols, the signing of the .com domain, and the FCC’s agreement with major telecommunications companies to implement DNSSEC.
In contrast, Secure64’s research about the financial services industry showed that:
  • None of the organizations analyzed has fully deployed DNSSEC.
  • Only one organization in the study has signed its DNS data—a necessary first step in the process of deploying DNSSEC.
  • None of the organizations analyzed has established a chain of trust to their parent domain—another necessary step in the DNSSEC implementations process.
  • None of the commercial banks in the United States has taken either step towards DNSSEC deployment
“Considering the importance of on-line banking, the need for confidence in the security of the banking system, the recent DNS changer malware, and the risk to consumers and businesses from fraudulent activity, this is a bit surprising. Yes, the banking industry is behind, but the good news is that it’s fast and simple for financial institutions to get caught up,” said Steve Goodbarn, CEO of Secure64. “Our DNS Signer product makes DNSSEC implementation fast and simple by automating key generation, key rollover, and zone signing and resigning processes. The process is straight-forward, reliable, cost-effective and proven. There is no reason for the banking industry to hold off any longer on implementing DNSSEC.”
About DNS Signer
Secure64’s DNS Signer is a secure DNSSEC software appliance that works with an organization’s existing DNS infrastructure and automates all of the activities required to deploy DNSSEC. DNS Signer allows organizations to implement in days, not months; reduce deployment and maintenance costs; and retain their investment in existing DNS infrastructure. DNS Signer also reduces risk by eliminating signing errors that make network resources unreachable, which is a key need for the financial services field. Secure64 DNS Signer also addresses the need to scale to extremely large, dynamic environments by providing both incremental and bulk zone signing with extremely high signing performance—another key need for financial institutions. For more information, visit
About Secure64 Software Corporation
Headquartered in Greenwood Village, Colorado, Secure64 is a software developer providing the most secure DNS products available to its customers in the government and communications industry. Secure64’s patented technology provides mission-critical security and reliability with high throughput and low latency. It has been shown to be immune to compromise from rootkits and malware and resistant to denial of service and other network attacks. The company offers a suite of trusted and secure DNS software appliances for caching, signing and authoritative use. Secure64’s products are sold and serviced worldwide through Hewlett-Packard and their reseller network and directly by Secure64. For more information, visit