Security standard for Australian registrars "onerous"

A proposal to create a new security standard - among a raft of other certification standards - for companies that wish to sell dot-au domains has been criticized as "onerous". The plan to introduce an Information Security Standard (ISS) as a "world first" was proposed by auDA last month alongside a further 11 measures that would provide a certification standard for registrars. The idea resulted from a security breach last year at registrar distribute.IT that ended up ruining the company after all its customers website files were deleted, including backups. The plan has been broadly welcomed by the industry (which only comprises 40 or so registrars) but CEO of NetRegistry, Larry Bloch, told ITWire that he thought the approach was "overkill" and could result in the loss of 50 percent of the market as they struggled to deal with the extra provisions. The proposal itself is contained in an appendix to an issues paper that looks at a number of different issues. The paper stresses at several points that any new provisions would come with support from auDA but also warns that a failure to reach the required standard would see companies suspended.