May 17, 2018

With the proliferation of websites and domain registrations, it’s critical to protect your company.

There is something out in the cyber world known as domain name hijacking. It refers to acts where a registered domain name is misused or stolen from the rightful name holder. hijacking is a security risk many organizations overlook when they develop security policy and business continuity plans.

Domain name holders can take measures to protect their domain names against theft and loss. Here are five simple rules your company should follow to avoid tremendous irritation and costs in the future:

1. Pick a major registrar. There are many domain “registrars” and some are fly-by-night organizations. Although you may be lured by the “$19 special,” it’s a good idea to break down and spend the $35 a year that it costs to go with a major registrar, like Network Solutions or Register.com. These registrars aren’t going anywhere and they have huge support organizations. More importantly, they have highly developed, user-friendly tools that allow you to manage, amend and transfer your domain in a matter of minutes. Don’t trust your registration to an organization that might go “belly up” in the next 30 days.

2. Register yourself. The major registrars noted above have simple sites where even Internet novices can easily buy a domain. Don’t delegate the process to outside vendors, website developers, ISPs or low level personnel, unless they are IT personnel working under your explicit directions.

3. Handle the “big four” jobs yourself. When you register, you’ll be asked to identify four contacts which have varying responsibilities over the domain. These are the registrant, the administrative contact, the technical contact and the billing contact. Put yourself down for all four. Why? The registrant is the lawful owner of the domain and the most critical entity listed. There is no legal or technical reason why any third party should have control over the domain, including your ISP or developer. More importantly, make sure that you and you alone have e-mail control over the domain.

4. Pick a long-term e-mail and physical address. The registrar will ask for your e-mail address. If you have several, pick one that you know you’ll hold onto for a long time. While the term “long-term e-mail” may be an oxymoron, you probably have an e-mail account that you plan to keep for many years. The same is true for your physical address. Mailed notices will be sent there by the registrar. It’s critical that you get them. Calendar or “docket” all renewal dates well ahead of time.

5. Monitor the registration. On a periodic basis (no less than four times a year), you should check on the registration to make sure that there have not been any improper or unauthorized changes, like someone altering the contact information. This can be accomplished using the “WHOIS” feature, which provides the pertinent data about all domains. (WHOIS can be found on the Network Solutions website as well as those of other major registrars). Immediately report any unauthorized changes to your registrar.

Bottom Line: Register you domain name as soon as possible before someone else takes it. And keep in mind, registering doesn’t protect trademarks. Business owners should also file for trademark registrations as soon as possible and develop a strategy to protect them.

© 2018