What is Domain Security?
Domain names make internet protocol (IP) addresses more accessible by providing a name that is easier to remember than the string of numbers in an IP address. The domain name system (DNS) is a digital directory that stores and provides information about which domain names correspond to IP addresses. When you enter a domain name or URL into a web browser, the browser uses the DNS as a directory to match the domain name to the correct IP address; it then uses this information to retrieve the website associated with the domain.
The domain associated with your organization’s website (e.g., www.YOURCOMPANY.com) and your organization’s email addresses (e.g., YOU@YOURCOMPANY.com) is a critical part of your organization’s identity, so it is important to protect them from cyberattacks. Domain security threats include:
- Domain hijacking
- DNS hijacking attacks
- Network and data breaches
- Phishing and ransomware attacks
- Business email compromise (BEC)
Tips to improve domain security include:
Registrar. Select a reputable domain registrar with superior domain name security.
Domain lock. Without a domain lock, domain names and registrars can be transferred by request.
Access control. Not every user needs full access to all services. Access Control (ACL) management can be used to assign roles to team members that limit their access according to their roles.
Strong password. Use strong passwords for the domain registrar’s account as well as the email account associated with the domain registration contact information.
Two-factor authentication (2FA). With 2FA on the domain registrar’s account, unauthorized users will not be able to access email without entering the special authorization code.
SSL certificate. An SSL certificate enables websites to use the secure HTTPS protocol; it contains encrypted data regarding the website’s origin server. This can often be purchased through the domain registrar.
Privacy protection. The contact information of the domain owner can be visible online when someone performs a WHOIS search on the domain. Privacy protection services can mask this information which may include your email address, phone number, and mailing addresses.
Renew domain regularly. Domain squatters register expired domain names and may offer to sell them back to the original owner at a high price.
Phishing. Be wary of emails containing suspicious links or attachments, or ask for sensitive information.
Registrar credentials. Keep registrar credentials in a secure location, and do not share the credentials through SMS, email, or chat.