Domain Security is Overall Business Security

Domain Security

Your business domain enables you to conduct business in our modern digital marketplace. The protection of your business domain is as important as the protection of your physical business assets.  Domain security not only protects you, it also protects your customers. In fact, thorough domain security positively correlates to increased consumer confidence.   Further adding to the list of benefits you can expect from domain security, search engines reward domain safeguarding measures. So what can you do today to secure your domain?

The Key Terms

First, let’s cover a few key terms and make sense of the alphabet soup on this subject matter.

Domain –  At the risk of sounding elementary, but because we’re covering it all, we’ll start at the beginning.  A domain name is the address of your website. It maps to an IP address, which is your exclusive, unique location on the internet. The domain name is typically comprised of your website name (i.e. Local Leap Marketing) and the domain extension (i.e. .com, .org, .edu, etc.).  An organization called ICANN (Internet Corporation for Assigned Names and Numbers) organizes and assigns domain name extensions.

DNS – The term DNS stands for Domain Name System.  This is the system for mapping IP addresses to domain names.  In a nutshell, it translates the numbers in IP addresses over to the domain name.  Your customers don’t have to know all the numbers.  They just have to remember your name.

DNS Hosting Provider –  The DNS Hosting Provider is the enterprise that hosts the servers that connect users to your site. This shouldn’t be confused with a Web Hosting Service Provider who hosts the files of your website.  As we noted above, the DNS Hosting Provider translates IP address language, connecting users to your website.

Web Hosting Service Provider – The Web Hosting Service Provider has the technology needed to deliver your website to an end user online. Basically this provider holds the files of your website on their server.  In order to make the website delivery process happen, they tie to your domain. DNS hosting is a prerequisite for web hosting.  You cannot have a website without a domain.

DNS Registrar – Accredited by ICANN, DNS Registrars manage the selling of domain names. No one can just go and select a domain name and start running with it.  If this were the case, we’d have a bunch of overlap and territory conflict.  We all need to be plugged into the DNS system so our name mapping ties to our IP address and our people can find us.  Businesses can find a wide selection of accredited DNS Registrars, including the ever-popular GoDaddy.  Many consumers use their DNS Registrar as their DNS Hosting Provider and some will also choose a DNS Registrar who provides Web Hosting services, but all three of these could be independent parties.

CyberSecurity – Merriam-Webster defines cybersecurity as “measures taken to protect a computer or computer system against unauthorized access or attack.”  For our purposes here, we’ll narrow the definition to protection of unauthorized access to or attack of our domain.

HTTPS – Deep in the alphabet soup now, HTTPS stands for Hypertext Transfer Protocol Secure.   Contrast it with HTTP, noting the absence of “secure”.  HTTPS is the sharing of encrypted communication over a computer network.  The encryption technology used most commonly today is Transport Layer Security (TLS), SSL was its predecessor and you still see this term (and sometimes the technology) in use today.  The primary features or benefits of HTTPS are 1.) proof of authentication of the accessed site and 2.) privacy of data exchanged.  Proof of authentication is typically acquired via a third-party certification.  You might have bumped into this process if you’ve ever accessed an HTTPS site with an expired security certificate and received a pop-up warning.  We’ll explain how this definition fits in the conversation a little later below.

The Nuts and Bolts of Domain Security

With the foundation of key terms in place, let’s walk through how you can best protect your business domain.  We’ll begin with what is at risk.  If someone has your domain registration account information, they could, say, lock you out of your own website or direct your website visitors to a different website.  Breaching your domain-name email system, they could access the contents of your emails and even redirect your email correspondence.  This hacker could gain access to business and customer data stored on your website. Regaining control of your domain can be time consuming and costly. Furthermore, it can damage your business reputation.

Good Domain Management

Domain security begins with good domain management.  Best practices for good domain management include:

  • Staying on top of domain renewals.  Generally domain registrations run for a year.  As the business owner, you want to be aware of your renewal cycle.  Set a recurring annual reminder on your calendar to keep up with renewals, or partner with a Search Engine Optimization (SEO) Firm that offers domain management services.
  • Keeping your contact information up to date with your domain registrar.   You want the registrar to be able to alert you quickly should they come across any suspicious activity.  Changes to contact information can typically be done online.
  • Maintaining domain account security.  Consider these best practices:
    • Employ a password manager, such as LastPass or Zoho Vault, to generate and safely store random passwords.  Never use birth dates, anniversaries or predictable sequences.  Avoid using your domain account password for other accounts.
    • Set up 2-Factor Authentication so that more than a password is needed to access your account.  For example, SMS Authentication as a second factor would require that the individual seeking to access your domain account have physical possession of your personal mobile phone, in addition to knowing the domain account password.
    • Never give your account login information to anyone.  If someone such as your website administrator needs access, use your account administrator feature to grant the appropriate level of access.
  • Properly securing any email accounts tied to your domain account. Securitization efforts should include:
    • Routinely changing email account passwords.  This includes everyone in the enterprise.  The incremental effort is worth the added protection.
    • Partnering with a reputable email exchange provider.  Consider using a local email service hosting provider if you anticipate the need for frequent counsel and/or support.
    • Never allowing the email associated with your domain account to expire.

Added Layers of Security
Beyond the basics outlined above, there are additional steps you can take to protect your domain.

  • Choose an enterprise-grade DNS hosting service provider with hosting redundancy.  If your DNS host goes down, access to your site, and possibly your website and email can go down.  Downtime opens you up to possibly breaches of security.  Redundancy means the primary system can fail but a backup kicks in immediately.
  • Add a registry lock to the domain account.  Most domain registrars offer a lock feature which requires manual authorization from the domain owner before any changes can be made to the domain.
  • DNSSEC, or Domain Name System Security Extension), is protocol that authenticates and secures DNS server communications.  You can enable DNSSEC through your DNS registrar and web hosting service provider.   This added layer of protection is typically available to you free of charge and can often be obtained by checking a box during service set up.  Contact your providers to confirm your coverage, or consult with a trusted digital marketing strategist.
  • Consider purchasing a domain monitoring service to receive alerts whenever your domain name is changed.  If you choose to forgo a monitoring service, make it a point to log in to your account from time-to-time to verify everything is as it should be.
  • Secure your website, because a secure website defends against domain vulnerabilities.
    • We covered HTTPS, or communication encryption, above.  Communication encryption protocols (TLS/SSL) protect data transfers between you and your clients as well as intra-company data transfers.  This encryption is obtained via a CA, or Certificate Authority.  Often, your web hosting service provider can facilitate the certification acquisition process, though you can procure encryption certifications directly through consumer-facing CA providers like Verisign and GoDaddy.
    • Install and maintain quality anti-virus/spyware software on your servers and individual terminals.
    • Keep your security software and extensions up-to-date. Where possible, set up automatic upgrade installations to take advantage of the latest technology.
  • Finally, always be on the lookout for scams.  Sadly, the nefarious actors of cyberspace continue to hone their nefarious skills.  Emails can look official, up-to and including branding image knock-offs.  If something seems suspicious, assume it is and take precautions.  Never access your domain account from a link in an email.  And never provide credentials requested via an email.

Protect What is Yours

Your domain enables you to conduct your business in the modern digital marketplace.  Your domain is key to the overall reputation of your business.  Domain protection is crucial to your business success.  Make good domain management a routine business practice.  Take some time to investigate which added layers of security are right for your business.  Consider partnering with a full-service SEO service provider to holistically manage both your digital security and your digital strategy.  The resulting protection and peace of mind will ensure productive business for your enterprise. Contact us today for more information about securing your domain!