Industry News

Australia Presents Customized Security Standard for .au TLD

The .au Domain Administration (auDA) proposed new criteria for domain-name registration meant to make Australian domain registries more secure.

Industry Advisory Panel has drafted auDa Information Security Standard (ISS) to help “registrars to manage and improve the security of their own businesses in a way that also protects the integrity and stability of the .au domain space“.

Australia Presents Customized Security Standard for .au

AuDa Information Security Standard stipulates that upon registration, the applicants will be asked to implement or develop a handful of security plans and policies. These include cryptographic controls, a regulatory-compliance register, a new information-security policy, an asset-management plan, human-resources policy and a physical security plan, along with thorough documentation on managing malicious code and vulnerabilities.

To even stand a chance, applicants should have no more than three areas of concern and zero non-compliance results. The areas of concern will need to be handled within three-months to grant them access to the assessment stage. Applicants with non-compliance results are still  given a chance, but they should have maximum two non-compliance results. If they mend these problems within three months, they can reapply for registration.

These drastic measures are still to be submitted to public consultation. In such a troublesome context of data leaks and aggressive spam and phishing campaigns, it might have a good chance of getting through this time.

About the author


A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.