Vendor Selection Matters in the Domain Registrar Ecosystem

This article has been indexed from CircleID: Cybercrime

Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. Many of the largest companies in the world still lack basic domain security protocols, making them prime targets for bad actors. An attack on a domain can lead to the redirection of a company’s website, domain spoofing, domain and domain name system (DNS) hijacking attacks, phishing attacks, network breaches, and business email compromise (BEC).

Yet today, there are still some large brands using consumer-grade registrars that cater to individuals, entrepreneurs, start-ups, and very small businesses and organizations. Why? As mentioned by my colleague Vin D’Angelo in Infosecurity Magazine, the question brand owners need to ask themselves this year is — is their domain registrar a friend or foe?

Consumer-grade domain registrars offer very transactional relationships with their clients, and don’t go through the thorough review process an enterprise-class provider does. They don’t offer solutions to mitigate all the digital risks of domain spoofing, domain/DNS hijacking attacks, sub-domain takeovers, and phishing attacks. In addition to the lack of security, the hard truth is that consumer-grade domain registrars have been proliferating typosquatting, domain name auctioning services — often infringing upon other brand names — and name spinning services. These registrars monetize the goodwill brand owners have worked hard to establish, creating a revenue stream for themselves rather than protecting their clients.

On the other hand, enterprise-class domain registrars put the security of the companies’ digital assets first and foremost; they understand the threats that exist within the complex domain ecosystem, because they’re managing the domains of some of the largest brands in the world. A good enterprise-class domain registrar should provide their large, global, corporate clients with value-added services, including various levels of security solutions to help mitigate the risk of attacks. In addition to domain security, their mission should be to understand the needs of their corporate clients and protect brands from online IP infringements, brand abuse, and fraud. They should have dedicated staff supporting their clients 24x7x365 with office locations around the world.

Three business prac

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: Vendor Selection Matters in the Domain Registrar Ecosystem