Cybersecurity has become an increasingly prevalent issue, especially due to the high number of online attacks during the pandemic. Despite a surge in spending by many organisations to bolster their network security, there often remain overlooked elements which continue to be vulnerable. One such element is time synchronization.
The importance of time in your network systems cannot be overstated, being pivotal for processes such as authentication and producing log files. These processes make it possible for you to detect and investigate cyberattacks. Time synchronization of system clocks is therefore a vital component of network security.
There are two methods of using NTP (Network Time Protocol) to synchronize time across your network: either a dedicated local NTP time server or an internet NTP time server. Despite being widely available and free, NTP internet time servers come with several drawbacks which must be taken into consideration. Even when using a server operated by a reputable organisation, there are still issues which can impact accuracy and security.
The Effect of Network Conditions
One major issue with internet time servers is that their accuracy is affected by factors such as network load and firewall configuration. The scale of inaccuracy when using NTP over the internet can be one thousand times greater than when using a local time server. Although only fractions of a second, variances such as this can still cause issues. To make matters worse, network traffic levels can change, so the accuracy level would vary. All of this also assumes that internet time servers are an accurate source of time to begin with, which isn’t always the case.
Internet Time Traceability
Any organisation maintaining network security will want to know the validity of all incoming data, especially when coming through an open firewall port. This immediately creates an issue if using internet time servers.
GNSS time servers are considered the most accurate, reliable and secure sources of time. Local GNSS (Global Positioning System) time servers are easy to connect to a network and produce logs to create an audit trail. Even functioning over the internet, they will always supply the same time no matter where they are located in the world.
When you select an internet time server, it’s impossible to know which time source it’s using. It might utilise GNSS time, but with a range of different time sources available, there’s simply no way to tell. In some cases, the original time source can be filtered through several different time servers before it becomes publicly available, creating additional steps where inaccuracies can accrue and security could be compromised.
Internet time is sometimes sourced from NTP server pools, rather than a single server. An NTP server pool is a virtual cluster of time servers, operating together to lessen the impact on synchronization should an individual server clock suddenly cease to operate or become wildly inaccurate. Although useful in providing a more reliable service, traceability becomes a murkier issue as server pools make it even harder to identify which time source is being used.
The End Result
There is no doubt that relying on the internet to synchronize time across your local network can cause issues. Unreliable accuracy combined with the lack of transparency when it comes to identifying the time source make it a less-than-ideal solution. This is before you consider that internet time servers can be the target of malicious online activities themselves, such as spoofing (where a time server is tricked into receiving the wrong time) and denial of service attacks.
When synchronized time needs to be accurate, secure and reliable for the continuous operation of your business, the only solution is a local GNSS time server.