Best Practices to Secure Company Domain Names
Last month an Arizona man was sentenced for holding his former employer’s domain name hostage and asking for $10,000 to return the domain name. The man managed the domain name for the company when he was an employee there. He retained the account details when he left.
While stories like this rarely make the news, they’re more common than you probably think. It’s important for all companies—regardless of size—to have a plan in place to prevent their domain name from being held hostage.
Here are some things you can do:
Single-owner companies
You have plenty to do if you’re the owner of a small business, so it’s natural that you want to delegate registering and maintaining domain names to the person managing your website.
And domain names are inexpensive, so what’s the risk to you? Be careful about that line of thinking. The price you pay for a domain name is very different than the value it has to your company. Your domain is your brand, your lifeblood online, and vital to keep your website up and your email running.
Bottom line: if you own your company, you should personally own and control your company’s domain names. Don’t let an employee or consultant handle this for you or you could end up like the company in Arizona.
Bigger companies need robust security protocols
At large companies, there should never be just one person with the keys to the company’s domains. It’s better to assign control to a secure e-mail address at the company that several people can access. Be sure to change account and email credentials whenever an employee who had access to the account leaves the business.
Beyond that, it’s wise to have an overall robust security protocol in place. Just like you wouldn’t let one employee have access to your company’s most important systems, a protocol should be in place to require checks before an employee can make a change to your domain name.
Stop outside thieves
You should recognize potential security threats from within as well as beyond your company walls. Once you have your domains locked down with employees, you need to make sure people outside your company can’t hack in and steal your domains or alter their records.
There are two things you should do to reduce the chances of this happening:
- Use two-factor authentication. Learn more about what this is and how to turn it on at Namecheap.
- Turn on domain lock. Domain lock (free) prevents your domain name from being transferred to another domain name registrar without your authorization. Here’s how to turn it on.
Let Domain Vault do the work
With news of hacks and data theft seemingly every day, now is a great time to make sure you aren’t overlooking domain name security risks. The steps outlined in this post will help secure your domain names. Even after you follow these steps, it’s important to remain vigilant.
We recently introduced Domain Vault. A new product that combines several key security features for domains, including registry lock. It means only authorized persons can ever make changes to crucial settings for your domain, and when changes do need to be made, the person requesting them will have to go through levels of machine and human verification before they can. Find out more about how Domain Vault can change your domain security.