Who is behind .auCheck?
.auCheck is an initiative of the Australian Strategic Policy Institute (ASPI) in cooperation with auDa. ASPI is an independent, non-partisan thinktank. Its core aim is to provide the Australian Government with fresh ideas on Australia's defence, security and strategic policy choices. auDA is a not for profit organisation that works with industry, government and the Australian and international internet community to develop and administer the rules for domains in the .au.
Should you wish to contribute to .auCheck or become a partner, please contact us to discuss options.
What is .auCheck?
.auCheck provides a series of tests that check whether your internet services follow standards advised by the Australian government and are up to date. Do your website, email and internet connection use the latest and secure internet standards? And if they don't, what can you do about it?
.auCheck is a non-commercial, independent and free service. Our mission is to empower users, in particular Australian small businesses, to ask the right questions and request up-to-date services from their providers.
Why is it important to be up to date?
Threats develop constantly as criminals advance their techniques and new vulnerabilities are discovered. Therefore, mitigation measures are continuously developed and updated. Using internet standards will not protect you from every threat, but it does provide a layer of protection for the most common cybersecurity incidents.
Taking simple measures at scale, such as adopting the standards advocated by .auCheck, will make the Australian internet a more secure place to connect online and do business online. Now that so many people and businesses have adopted e-commerce as a primary channel for connecting to customers and selling goods, maintaining basic internet security is important. It will allow us to ensure the trust and confidence of clients and providers and enable business continuity.
How did .auCheck decide on the standards it’s promoting?
The standards that .auCheck is checking are based on standing guidelines and advice from the Australian Cyber Security Centre accompanied with additional international best practices. Our choice of tests, weighting and recommendations have been validated through consultations with a wide variety of stakeholders in the Australian internet community representing business, technical communities and governments.
ASPI is indebted to the many stakeholders in the Australian internet community who have spared their time and share views and recommendations for the development of .auCheck. In particular, we like to extend our appreciation to colleagues from Asia-Pacific Network Information Centre (APNIC), Internet Society, the Australian Cyber Security Centre and the Australian Government Department of Home Affairs. The content of .auCheck, however, remains fully our responsibility.
Is Australia leading in adopting secure internet standards?
Unfortunately not. While various organisations and community initiatives try to convince people to be more proactive, it has proven to be a hard sell. In Australia we still use many standards, for instance versions of encryption, that are outdated and therefore lack security and reliability. Also, some standards that are common practice elsewhere have not received a big uptake here such as DNSSEC.
Conversations about internet security and standards easily turn very technical with most people tuning out. That’s understandable .auCheck tries to help inform the conversation between the user (what do I need? What do I get?) and their internet service providers. The latter group of companies should be at the forefront of closely following Australian government guidelines and implementing international good practices.
Why was .auCheck launched?
The idea for .auCheck is based on the pioneering work of Internet.nl in the Netherlands which was promoted by the Global Forum on Cyber Expertise and also draws inspiration from the WebCheck application of the UK National Cyber Security Centre. . .auCheck is built with the Internet.nl software code and complemented with additional open source tools.
Internet.nl is an initiative of the Dutch Internet Standards Platform. This voluntary public-private committee aims to increase the use of modern Internet standards to make the Internet more accessible, safer and more reliable for everyone. The public tests are a tool to this end. In parallel, the Dutch government mandated all central government domain names to be fully compliant with the Internet.nl tool under the “apply or explain” regime. Data from the tool is used as input for their annual Cybersecurity Assessment.
As part of the UK’s Active Cyber Defence program, the National Cyber Security Centre launched WebCheck and MailCheck offering limited public sector bodies access to automated checks for common vulnerabilities and misconfigurations. Similar to .auCheck, they tell you what you need to worry about, when you need to worry about it and what you need to do about it.
Is ASPI releasing a tool that helps criminals scan websites and emails for vulnerabilities?
No. Criminals or hackers - and anyone else - have access to other tools to search and scan at much greater scale. .auCheck does not offer users with malicious intent any benefit.
Instead, .auCheck is designed to help empower users without a technical background to have an informed discussion with their domain registrar, web host, internet service provider or IT contractor.
Can .auCheck be misused or misappropriated?
.auCheck is a public resource and is guided by the Terms and Conditions listed on the website. Misuse or misappropriation would violate the T&Cs and would result in appropriate response measures. .auCheck is adhering to its own recommendations and the tool’s IT set-up is equipped with appropriate security features to prevent misuse or misappropriation.
Open Source
.auCheck is built with the Internet.nl software code and complemented with additional open source tools. Except where otherwise noted, content on this website is licensed under a Creative Commons Attribution 4.0 International license. The software source code of Internet.nl is published under the Apache License, version 2.0 on Github.
Technical partner
The back-end development of .auCheck and the UX designs are managed by Addaxis, an Australian, Canberra-based technology company. Please find their website at www.addaxis.ai.
Name and logo
The name .auCheck and auCheck and the logo and designs are excluded from the above Creative Commons licensing and they belong to the Australian Strategic Policy Institute. When you would like to use our name and logo, please contact us to acquire consent.
Artwork and design
The artwork of .auCheck was created by IB.Creative, Indigenous Creative Agency, Canberra. If you like it, please visit their website at www.impressionbay.com.
