Intelligence Part 2 – How secure is your domain portfolio?

The security of a domain name portfolio is a critical yet often overlooked aspect of brand protection and good governance of managing intellectual property. In today’s digital landscape, where cyber threats are constantly evolving, ensuring that the domain names you own are protected is more important than ever.

Without the implementation of security measures, your domains could be vulnerable to hijacking, phishing attacks, unauthorised transfer of ownership or simply loss of service, potentially leading to severe consequences for your business and reputation.

By understanding the risks and implementing the necessary domain security measures, brand holders can significantly reduce the risk of domain-related incidents and ensure revenues and reputations are protected and enhanced. But what does a domain name security strategy look like in practice?

Most domain portfolios grow over time, reflecting the changing environment that businesses operate in, it is critical that brand holders regularly review the names they have under management to ensure they are still protecting valuable intellectual property, supporting revenue-generating digital channels, and enhancing global marketing efforts.

As standard, all domains should be set to auto-renew to ensure that there is no chance that any names are dropped during the renewal process and potentially re-registered by cyber squatters. With some ccTLDs having complex rules and regulations around ownership, working with an experienced registrar to has the expertise to navigate these potentially tricky processes is vital, which is why auto-renewal is the default option on all domain names that an organisation intends to retain.

Naturally, there should be a regular reviews of the portfolio and of the value of each domain name through its life cycle. Domain names are often registered for a specific reason, which may then change or depreciate over time, reducing (or enhancing) the value to the organisation. Through the use of Com Laude Intelligence, not only are those domain names that hold the highest value to the organisation identified, but too are those which appear to be delivering little, or no value.

Reviewing all expiring domain names three months in advance is a key stage in the practice of “Right-sizing” a portfolio, ensuring that only those domain names that return a value (whether that is measured in terms of revenue generation, or brand protection) are renewed, whereas any that don’t make the grade, have their auto-renew instruction removed and are allowed to expire.

For those domain names that are set to expire, it is vital that the DNS records are checked to ensure there are no future risks, removing any settings before the domain is allowed to lapse. Dangling DNS records can create major risks to an organisation on a number of fronts. If lapsed domain names still have active DNS settings, a cyber attacker may be able to register the domain name on expiry and gain control over those resources. This can apply to MX records, for instance, potentially allowing a bad actor to intercept email communication or even lay the foundations for social engineering and phishing attacks. With many organisations utilising multiple DNS vendors, ensuring there is a standard process for “cleaning” the domain records before expiry is not just good housekeeping but a critical step to ensure revenues and reputations are protected after the domain name is lapsed.

For those domain names that are seen as mission critical to an organisation, additional layers of security should be considered to ensure any potential nefarious action is mitigated. A number of Top-Level Domains offer Registry Lock, including those managed by Verisign, Nominet, Afnic and Eurid, which prevents any accidental, or malicious updates, including domain transfer, deletion, or DNS changes. Multi-factor authentication processes are used to ensure that only authorised personnel within the registrar and the registry can make changes to those domain names locked in this way.   In mid-July, a major Web 3 domain name company saw their registrar account hacked and their core domain redelegated at the registry level as they did not have a registry lock in place.

Com Laude Intelligence will identify domain names that are key to the organisation, as well as those that could be locked at the registry level. Creating a simple security protocol for those mission-critical domains becomes a simple job through the insights that Intelligence can provide.

Whilst having a domain name security policy is essential for any organisation, the most common weakest link in cyber security defences is human in nature. Ensuring that key, relevant staff are kept up to date in terms of domain name processes is one important step, but it is also vital that all staff are educated on the dangers posed by social engineering and phishing.

Com Laude Intelligence is able to provide a live, visual view of the health of your domain name portfolio, and the security measures in place to protect your critical digital assets, ensuring that your online presence remains protected against ever growing threats.