Domain names generally just tick over and are generally not a reason to be concerned; however, when a domain name issues does rear its ugly head it can be catastrophic to a business and has the ability to cripple an online operation. This post looks at some of the common domain name mistakes that all brands should aim to avoid.
Number One: forgetting to renew your domain name
In April of 2013, The 22nd largest bank in the United States Regions Bank with 1,700 branches and 2,400 ATMs across a 16-state network failed to renew their domain name. As a result, their online operation went down including their website, online banking, email and all associated applications. Online services did not fully recover until a week later.
Originally, Regions Bank released a statement that they were experiencing intermittent network issue that is impacting some customers’ ability to access our web site; however, the real reason behind this black out was that the organisation did not implement processes to protect their core domain name asset from expiring.
It is a cautionary tale about the importance of having basic domain name renewal processes in place. Organisations of all sizes are vulnerable to missing important domain name renewals. All it takes is a missed renewal email and all off a sudden you are completely offline.
How to avoid this scenario?
– Utilize a domain name management service, such as Netnames, who take responsibility for renewing domain names on behalf of the domain name owner.
– Develop a clear internal domain name policy.
– Ensure the function is in someone’s KPI. Make someone or a team responsible and accountable for this function.
Forgetting to renew your major domain name is probably one of the worst of the domain name mistakes you want to avoid, so get your portfolio managed by a professional domain name managemement service.
Domain Name Mistake no. Two: Forgetting to register your new product’s domain name
Brand launches become less fun when you are forced to fork over thousands of unbudgeted dollars to a third party because you forgot to register the domain name at the product conception stage.
Unfortunately it is common for Companies to pay obscene amounts of money for a domain names that they forgot to register. Domain name squatters using all sorts of online listening tools to catch whisper of new product launches. They then register the rumoured brand in domain names and wait for the brand owner to approach them and make them an “offer they can’t refuse”.
How to avoid this scenario?
– Be Proactive and Safe: Register the corresponding domain names with all of your concept brands. Even if you have fifty concept brands, just register them for the minimum period. You can always let go the brands that don’t get up.
– Coordinate with IT: Ensure that you coordinate with your IT team as they will often have a centralised domain name account that is monitored.
– Domain Name Management: Utilize a domain name management service to ensure domain names do not expire.
This can be a stressful situation, but if you pick it up early you can minimize damage with swift and deliberate action, as described above. This is one of the easier domain name mistakes to make. The devil is in the detail and domain names should be considered a central part of any launch project that includes a website.
Domain Name Mistake no. Three: I changed host, but not my DNS
This is a very basic, simple and totally avoidable mistake to make. When a website changes onto a new server it is generally issued a new IP address.
In order for the new server it is essential that the IP address is changed in DNS as well. For example, if you want your website to resolve to the new server you need to change the A record in the DNS.
Failing to change the DNS could result in your entire online operation going dark and it could take up to 24 hours to bring it back online, depending on your DNS TTL.
How to avoid this scenario?
– Coordinate with your domain name management provider and schedule in the DNS changes.
– Develop an internal domain name policy that clearly outlines the steps to change IP address, servers and DNS.
Domain Name Mistake no. Four: My domain name was hijacked
Domain hijacking or domain theft is the act of changing the registration of a domain name without the permission of its original registrant, or by abuse of privileges on domain hosting and registrar software systems.
To hijack a domain name, you just need to gain access to the domain control panel and point the domain name to some other web server other than the original one. So, to hijack a domain you need not gain access to the target web server.
Bad actors gain access to a domain name’s control panel through malware and spear phishing where a user profile is stolen from one system and used to access another. Humans generally don’t like having to many passwords and in some cases have one password for multiple control panels.
How to avoid this scenario?
There are certain steps that a domain-name owner can take to reduce the exposure to domain name hijacking. The following suggestions have been published by ICANN and may prevent an unwanted domain transfer:
– Use strong email passwords and enable two-factor authentication if available.
– Disable POP if your email provider is able to use a different protocol.
– Tick the setting “always use https” under email options.
– Frequently check the “unusual activity” flag if provided by your email service.
– Use a two-step (two-factor) authentication if available.
– Make sure to renew your domain registration in a timely manner—with timely payments and register them for at least five (5) years.
– Use a domain-name registrar that offers enhanced transfer protection, i.e., “domain locking” and even consider paying for registry locking.
– Makes sure your WHOIS information is up-to-date and really points to you and you only.
About brandsec
Brandsec is a corporate domain name management and brand protection company that look after many of Australia, New Zealand and Asia’s top publicly listed brands. We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.