Business Slow On The Uptake In Securing Their Domain Names With Registry Locks

The option of reducing the risk of domain names being hijacked by cybercriminals by signing up to a Registry Lock has been available through many top-level domains for several years now, but the uptake among brands, to which they are mostly aimed, has been very slow.

This is the subject of a recent blog post from SIDN, the manager for the Netherlands ccTLD .nl, who note that only 150 of the 5.8 million .nl domain names are secured with .nl Control, SIDN’s name for their Registry Lock.

While there is a cost involved in securing a domain name
with a Registry Lock due to extra costs incurred, mostly in time by registrars
and registries, the cost is inconsequential to business. And the costs of
having one’s domain name hijacked by criminals can be major through loss of
reputation and sales. Businesses known to have suffered having their domain
name hijacked, and which the option of a Registry Lock likely would likely have
prevented, in recent years even include Google, among other high-profile brands.

Despite the benefits of a Registry Lock and that to date
they haven’t proven popular, they do protect against all hacks, including the
hacking of a hoster or registrar. SIDN in their post say by “offering registry
locks to customers, a registrar is effectively implying that its own systems
are not entirely secure against hacking.”

They work by requiring any changes in a domain name record
to be verified before the change can happen.

SIDN also note another problem: “the lack of good
(international) e-IDs.” SIDN offer than own eID – eHerkenning in the
Netherlands, but this is “only just starting to gather momentum as a business
eID. And, without an e-ID system that everyone’s at home with, old-fashioned
paperwork is the only way of verifying a customer’s identify in order to set up
a registry lock.”

And when it comes to Registry Locks there’s a lack of
standardisation which is an issue for the industry as well. A .com lock doesn’t
work the same as a .nl lock, so things can get complex for an international
company with multiple domains. Standardisation, SIDN note, was an issue of
discussion between registries and registrars at the CENTR Registrar Day: why
can’t the national registries get together and agree on a uniform registry
lock?

SIDN go on to say that “as cybersecurity awareness grows and
the value of a domain name is recognised more widely, the business community is
coming to see an unprotected name as a vulnerability. It’s also increasingly
common for a domain name to be pledged as collateral for a business loan. And
the desire to make sure that a pledged domain name is completely secure is
understandably strong. The rise of electronic IDs, such as eHerkenning, is also
significant. By reducing the administrative burden associated with a registry
lock, e-IDs are lowering the threshold to getting a name locked. It comes as no
surprise, therefore, that various national registries represented in Brussels
announced plans to introduce locks or to expand their existing services.”

This latest Domain News has been posted from here: Source Link