CLOUDPORT

View Original

Best Practices for Institutions to Secure Their Domain Name

Your domain name is the core component of your online presence. Choosing the most effective possible domain name for your website is completely critical. Your domain name is something  that deserves hours, if not days, of thought, and it’s no exaggeration to mention that, in some circumstances, making the incorrect choice can break a business.

What is a Domain Name?

Within the simplest of definitions, domain name is your website’s address on the internet.

First off, the power of domain names goes far above their ability to ‘address websites on the internet’. In fact, selecting the correct domain name can have a really serious impact on your website’s  and, therefore, your brand’s success

What is the  Difference between a Domain Name and Web Hosting ?

A domain name is your website’s address on the internet. It identifies the website and lets people find it with their browser.

Web hosting or server is the place where all your website data is stored, and from where the website can be accessed by your website users. Commonly, a web server is server software, or hardware dedicated to running this software, that can satisfy client requests on the World Wide Web

In other words, when a user inputs your website’s domain name in their web browser, that domain name is decoded to figure out what specific web server it points to. Once this is done, the website gets displayed to the user.

According to the recent CircleID post, DNS, Domain Names, and Certificates: The Missing Links in Most Cybersecurity Risk Postures, he highlighted the importance of applying multiple layers of defense to secure these business-critical assets. On January 22, 2019, Brian Krebs, the world-renowned cybersecurity journalist, reiterated the criticality of domain name security because the domain name "e-hawk.net" was stolen from the rightful owner using social engineering tactics targeting its domain name registrar.

In his post, “Does Your Domain Have a Registry Lock?” Mr. Krebs walked through the tactics and measures companies can use like Registry Lock to protect their vital domain names (see below). He also reiterated that an overwhelming majority of organizations, regardless of industry or geographic location, including the Forbes Global 2000 are at risk with less than 25% having adopted the Registry Lock Protocol.

How to Secure Your Domain name

  • Assign domain ownership to corporate entity

Never register a domain name under a personal person’s name. Doing so is to risk losing it if that individual leaves the institution. And reclaiming ownership of your domain could take years and plenty of cash. A domain name must always be registered to the name of a corporate entity, so its continuation is ensured no matter the individuals who come and go from the business. If online anonymity is a problem for you, you'll always activate domain privacy, a simple and cheap way to hide your personal details. 

  • Use a domain registrar that is trustworthy 

Use a domain name registrar that is reputable, not a small-scale business which features a higher chance of going out of business, thus placing your name in danger. Choose a provider who has considerable market experience and might guarantee maximum domain name stability. Domain registrar like GoDaddy, Domain Name, Bluehost, Name cheap are some recommended domain registrars

  • Always Have your Domain Name Locked

Never leave your domain name “unlocked” because, by doing so, you risk the likelihood of it being transferred to somebody else. Lock your domain name through the domain name management system as soon as you've secured your registration.

  • Choose A strong Password

The choice to use a weak password remains a top data security threat. Do not choose a simple password to be used along with your registrar account. Weak passwords like continuous number sequences, your birthday, or your child’s names pose a serious risk to your domain name’s security. Generate a password that features a least one numeric value, one symbol and a minimum of two randomly selected letters, so guessing it becomes next to impossible.

  •  Ignore and  Report Offensive Messages

Scrutinize domainers' insistent request emails. If in rare cases they insult or threaten you, report them to your email provider and registrar, or to the domainer's ISP if it's available. Defamation and menacing are crimes and may be persecuted by law.

  • Register Your Domain Name for a long period of Time

Always register your domain for the longest amount of time available, usually more than 5 years. If you forget to renew your domain name, you run the danger of losing your domain name. A missed domain name renewal can result in a high cost of renewal. Avoid shorter registration periods at all costs. Activate auto-renew and don’t ignore those renewal reminder emails that we send.