There’s no question that a company’s domain name is one of its most valuable assets. It isn’t just a Web address; it’s a true representation of your brand’s online identity. As with all valuable assets, it needs to be protected against online abuse and theft.

The landscape is filled with multiple hosting companies, registrars, extensions and service providers, which can be overwhelming, and cause an organisation to make a mistake that could affect its business.

Angel Selebano, head of communications and awareness at the .ZA Domain Name Authority (ZADNA), said there are several steps businesses should take to secure their domain name.

“Firstly, it is advisable for businesses and brands to register their domain names under a corporate entity’s name as opposed to having an individual listed as the registrant of the domain. This alleviates the risk of losing the domain to a particular individual in the event of irreconcilable differences.”

According to Selebano, what many businesses don’t realise is that regaining ownership of a domain that is now outside the company’s purview could end up being a lengthy and costly legal process.

“Businesses should also ensure that their service providers are not the ones that are listed as domain name holder/registrant. This will ensure that there is business continuity should the business decides to change from one service provider to another that offers the same services.”

Next step

The next step, said Selebano, is choosing a trustworthy and reputable domain name registrar, and one that is accredited to register .za domain names. .za has over 400 accredited registrars and it is also important to note that there are SMEs who are approved resellers of .za domain names, though they are not featured on the list of accredited .za registrars. These are smaller entities that are reselling domain name packages on behalf of the accredited Internet service providers. It is therefore important to authenticate the legitimacy of any business prior to engaging in any business transactions or contractual agreements with them.

“Something else that is crucial to domain name safety is remembering to renew your domain name annually. Failure to renew your business domain can deal you a crippling blow. What if someone else registers your domain name upon its expiration, subsequently deletion, resulting in you losing your online identity, e-mail access and contact with your customers? It is prudent to ensure that your registrar enables an auto-renew on your domain,” said Selebano.”

Similarly, Selebano said companies should provide more than one person’s contact details when registering a domain name. “In the event of a disaster, or should one of these individuals lose access to the contact e-mail, the account can be easily retrieved by one of the others. In addition, ensure your domain name is managed with a backup contact e-mail address.”

Domain name scammers are constantly creating domain names that are misleading to the general public and, in most cases; the intent is to defraud a potential customer or to pose as a particular brand. “An abusive domain name is a domain name that is registered to take unfair advantage of another person’s/brand’s rights; or to be detrimental to; or infringing of another person’s/brand’s rights,” said Selebano.

The regulator cautioned Internet users against any form of online abuse and crime; and encouraged citizen to avoid abusive practices or use of a domain name such as:

Distribution of child pornography: Websites that harbour child pornographic content are deemed as an abusive domain name registration.
Phishing: The use of counterfeit websites to commit theft or fraud by tricking recipients into divulging sensitive information such as usernames or passwords.
Pharming: The redirection of unknown users to fraudulent sites or services, typically through DNS hijacking or poisoning.
Fraudulent websites: The use of websites designed to mislead users as part of a fraudulent scheme, such as an “advance fee fraud”.
Wilful distribution of malware: The dissemination of software designed to infiltrate or damage a computer system without the owner’s informed consent. Examples include but are not limited to computer viruses, worms, Trojan horses and key loggers.
Malicious fast-flux hosting: Use of fast-flux techniques to disguise the location of websites or other Internet services, or to avoid detection and mitigation efforts, or to host illegal activities. Fast-flux techniques use DNS to frequently change the location on the Internet to which the domain name of an Internet host or name server resolves.
Botnet command and control: Services run on domain names that are used to control a collection of compromised computers or “zombies”, or to direct denial-of-service attacks.
Spam: The use of electronic messaging systems to send unsolicited bulk messages, whether commercial in nature or not, and whether transmitted by e-mail, instant messaging, website or Internet forums, or by any other means.
Illegal access to other computers or networks: Illegal accessing of computers, accounts or networks belonging to another party, or attempting to penetrate security measures of a system to which access has not been granted.

These are some basic steps toward helping your organisation strengthen its domain name security, and mitigating against the major threats which could see you avoiding legal wrangles, or in a worst-case scenario, losing your business. Your domain name is crucial. Always ensure its security is treated as a priority and domain name holders should always be mindful of the safety and protection of children online.