Informative article on the importance to security of running NTP servers:
“If you want to operate a secure environment you should use your own on-site stratum 1 NTP servers along with authentication. This is the only way to eliminate time spoofing attacks from the outside. Don’t reduce your overall security to a stateless and unauthenticated (read: easy-to-spoof) network protocol!
Using unknown NTP sources on the Internet opens at least two attack vectors: 1) The NTP source itself could deliver invalid timestamps while 2) the UDP packets could be spoofed on the way through the Internet. Using your own servers with NTP authentication thwarts both vectors.“