The National Cyber Security Centre (NCSC) has launched a mobile version of Protective Domain Name Service (PDNS) for the public sector.
Named PDNS Digital Roaming, it is aimed at protecting staff in using devices from any location.
It has been developed with NCSC’s delivery partner Nominet, as a small application for Windows 10, which can detect when a device is outside of its enterprise network and redirect DNS traffic to PDNS using the encrypted ‘DNS over HTTPS’ protocol.
NCSC has provided steps for its deployment within its knowledge base, covering group policy, SCCM (system centre configuration manager) and Microsoft Intune, and said it plans to make more options available. Devices are authenticated using client certificates.
It added that PDNS Digital Roaming has been designed to be compatible with existing content filtering solutions but that it encourages testing. It is available through the PDNS portal.
The core PDNS was launched in 2017 as a defence against the danger of importing malware through preventing a system finding websites that have been identified as malicious.
Changing environment
The PDNS service manager, named as Matthew B, said: “To all intents and purposes, the vast majority of sites used to deploy and control malware are non-existent if you're looking for them from a public sector building covered by PDNS.
“But in a post-Covid environment, many public sector workers are not at their usual working locations. They're working remotely, using unprotected DNS, so they could have been able to find and connect to those malicious sites. PDNS Digital Roaming has been designed for just this situation.”
Image from NCSC, Open Government Licence v3.0
