Sep 8, 2022 - by Nicole DelleDonne
Ever wonder why high-profile brands choose to work with corporate registrars? Certainly consolidated monthly invoicing, bulk management and global TLD offerings play a major factor in their decision-making process. But above all, corporate registrars provide a number of security measures not offered by retail registrars. These include services such as registry locking, single sign-on, IP access restrictions, nameserver monitoring, domain monitoring, audit logging, enterprise-class user permissions and dedicated client support. Let’s take a closer look at these services, how they work, and why they are so important.
Domains that are registry locked are impervious to automated updates, unless a manual protocol is completed between the registrant and the registrar, and then a second protocol is completed by the registrar and the registry. It is a manual process that provides an additional layer of security so that domains are protected against hacktivists from pointing domains to politically motivated content, disgruntled employees from embarrassing their employers, and inadvertent mistakes which unfortunately still happen.
Single Sign-On (SSO)
By now, most know that sharing login credentials is a big no-no, and that leveraging two-factor authentication helps to further secure accounts. But by implementing single sign-on (SSO) for domain management accounts, companies have even greater control over who has access to domain name portfolios, especially as employees move-on to new roles or leave the company altogether.
IP Access Restrictions
Beyond SSO, access to domain management accounts can be further protected by implementing IP access restrictions. This limits domain management account access to a single IP address, a series of addresses or a range of addresses.
To ensure that nameserver information that resides at the registry matches those that exist within the registrar’s database, corporate registrars should be actively monitoring to identify any mismatches. A mismatch between what resides at the registry and what resides with the registrar could indicate an unauthorized update.
In addition to nameserver monitoring, some corporate registrars also provide the ability to monitor domains for changes to registrar, EPP status, DNS records, SSLs and resolution. This type of monitoring can be useful in identifying unexpected changes.
Audit logging is one of those features you may not know you need, until you actually need it. But if you have a domain that is pointing to the wrong location, or has been marked to lapse, or has the wrong contact information displayed, knowing who made the update and when the update was made can be invaluable.
Corporate registrar platforms typically support robust user permissions so that admins can limit the actions that users can take - such as whether they have full access, read-only access or no access to specific functionality. Admins are also able to specify whether users can update all names within the portfolio or just as a specific group of domains. By limiting access and functionality by user, portfolios remain more protected.
Dedicated Client Success Team
Unlike retail registrars who provide support via call centers, corporate registrars assign dedicated client success managers to act as a main point of contact. These dedicated client success managers work closely with their clients, ultimately becoming an extension of their clients’ teams. Over time, client success managers help their clients to achieve their unique objectives - whether it’s cost containment, portfolio optimization or risk mitigation.
Nicole DelleDonne is Senior Director, Sales. With ten years of direct industry experience, she has worked with some of the world's most valuable brands to implement domain management solutions designed to protect and promote their businesses online.
Recent posts from Nicole DelleDonne