Not sure if this belongs here but it seemed like the best place for it. I am wondering if anyone has an opinion on allowing supplier access to DNS. I am getting directed to provide credentials for it by our head office (I work in a Countries Head Office).
To be honest its making all my hairs stand up on my neck and pushing back isn’t working. Apparently Head of IT couldn’t see any issues, and thought it would reduce his busy work load (obviously 5 minutes to login and setup the records was to much).
Normally suppliers would send the requested changes to me, and I would set the records up. I could understand if you don’t have any IT in house giving access.
I can’t see how you could prevent them from breaking stuff (my main concern is if an attacker gains access TBH). Its a website project and they need access to the root level of the domain. Does anyone know any DNS hosting server where you could restrict users to what records they can break?
Cloudflare seems to be either full DNS access or no DNS access (and only on the enterprise accounts).