Jul 6, 2024 - by Nicole DelleDonne, Heather MacNeil
This article first appeared on World Intellectual Property Review on June 5, 2024.
Decisions taken by domain managers are often difficult, complex and time-pressured. Nicole DelleDonne and Heather MacNeil of GoDaddy Corporate Domains, with Donna Lyon of Ally Financial, offer a guide to help those thrown in the deep end.
Many people find themselves thrown into the deep end of domain management after initially being part of marketing, legal, or IT. What they quickly realise is that domains are a distinct world of their own, and they are incredibly important to the company.
Domains are multi-layered with technical, trademark and branding elements, too. Because domains have many aspects of complexity, they are often misunderstood or undermanaged.
With little room for error and a steep learning curve, domain managers must navigate a challenging environment and build their own foundation, either solo or with a very small team.
A day in the life of domain managers is never easy, and yet their roles are pivotal to the overall success of their company.
Based on advice from seasoned domain name management professionals, here are 10 tips to help domain managers overcome the complex challenges they face:
1. Respect the complexity of domains
On the surface, domains seem straightforward but do not underestimate how tricky managing domains can be. Start with a healthy respect for the complexity of domains. Also, realise that no one has all the answers, so it’s warranted to seek out assistance from published thought leader articles, colleagues, corporate registrars, and technology providers.
These resources will provide a lifeline for gaining a firm grasp on the company’s domain program. As an incentive for tackling this challenging role, domain managers inevitably become invaluable and essential assets to the company.
2. Establish a domain name council
Domain managers are in an ideal position to bring together colleagues at the company whose roles touch upon domains, with the goal of effectively building an end-to-end process with strong communication. Domains cannot exist as an island, so working with other groups is crucial.
A highly recommended approach is to build a Domain Name Council or DNC. Even if the DNC only meets periodically throughout the year, establishing this team is a great way for different groups to connect. Groups represented can include the IT group (specifically the teams responsible for DNS and SSLs) teams, Information Security, marketing, and legal (often the trademark team).
DNC meetings provide a forum for colleagues to learn from each other and mitigate risk in the domain space. The DNC can work together to create processes and connections to ensure strong collaboration and sound management around domains.
3. Tightly control domain registration
Domain managers must instil strong controls to restrict who can register domains. Optimally, domain managers will route all registration requests to come through them for vetting based on set evaluation standards.
All domain requests must be considered from a brand/marketing perspective, examined for trademark infringement/legal issues, and gauged by security/IT for authorised user permissions. Budget limitations also influence registration decisions since domains cost money to buy and maintain. As gatekeepers, domain managers sometimes need to push back on domain requests and ask why they are needed and how they will be used over time.
4. Track and tag domains
Domains need to be tracked, tagged, and organised efficiently for ongoing monitoring. Attributes most crucial to track for reporting purposes include which domains are live/resolving to live content and traffic metrics showing how often they are visited.
This tracking data informs decisions to lapse domains and helps determine their monetary value in case they can be sold if no longer needed. Budget permitting, technology platforms for domain managers can help accomplish these tracking and tagging functions.
5. Think defensively: Block and tackle
With a proliferation of new domain extensions now available, defensive registration tactics are all-important for domain managers. Be aware of new extensions or blocking services that become available and carefully assess whether they make sense for your domain program or fit your company’s strategy. For example, many companies are interested in proactive blocking solutions such as GlobalBlock, as a way to be proactive in a cost-effective manner.
Blocking services are preventative. Buying them costs money upfront, but since they prevent unauthorised registrations that can be costly to enforce against, they protect companies from having to buy lapsed domains back at a premium price.
Also, they have the added benefit of reserving that name space for the trademark owners if the owners choose to use those domains in the future. Since domain security issues are ever-increasing, protection provided by blocking services can save the company from substantial risk and damage from phishing, spoofing and infringement events.
6. Safeguarding domain security
Domain managers feel the heavy weight of protecting the company’s brands and, therefore, forge strong alliances with IT security/cyber threat teams. Technology and security teams can tip off domain managers to emerging threats (and vice versa), so swift action can be taken to protect the company.
It’s also important to build a strong foundation with critical security solutions like engaging registry locks on the most critical domains. Registry locks are highly recommended because they protect domains from accidental changes or malicious attacks such as changing DNS or domain deletion.
Also, the corporate registrar should employ layered security measures to ensure only authorised users can access the company’s account and further control who is authorised to make specific changes to domains. Two-factor authentication, IP access restrictions, and single sign-on are examples of critical security features that registrar platforms should have.
Finally, making practical adjustments to user access such as making domain names read-only and using company email addresses rather than generic (Gmail, etc) addresses will help limit the risk of improper access.
7. Reporting and auditing
Accountability can be achieved by integrating reports and auditing capabilities into a domain manager’s workday. In the modern age of metrics and analytics, having numbers at-the-ready is essential.
Monthly or quarterly reporting on domain status, DNS records, domain resolution, approvals, and other controls will provide prompt answers to questions from domain-adjacent departments and company executives. Having up-to-date data available helps domain managers stay abreast of change since domains are an ever-moving target.
8. Set it, but don’t forget it
Some domains will be kept forever, while others are meant only for temporary use - obviously, not all domain lifecycles are the same. The philosophy of “set it and forget it” is too-often used for domains, which leads to bloated and expensive portfolios that are chock-full of obsolete domains. As campaigns and brands may come and go, the domain manager must keep abreast of those transitions.
Decommissioning or dropping domains should not be viewed as a simple decision, and it should only be done after careful consideration of its potential impact. A common mistake is to unplug or stop renewing a domain without first determining whether it is still useful, resolving to live content, hosted by a third party, or potentially valuable as a sellable asset.
On the flipside, it is also a common mistake to hold on to all domains whether they are useful or not without periodic pare-downs. For these reasons, it is critically important for domain managers to have an end-to-end domain lifecycle management process that they monitor and revise as needed.
9. Weeding out domains
When the domain manager has determined that the company no longer needs domains, that’s when another round of due diligence kicks in. Looking at SSL expirations is one way to identify when it’s time to drop a domain, but that’s only one factor to consider.
Approvals will be needed from IT executives, possibly including the CIO and CISO, and also an executive from the business unit the domain was associated with. This process will ferret out whether there are any viable reasons for keeping the domain, including if there are still subdomains in the system that are still in use.
Then, once the domain is decommissioned, should the domain manager put a redirect in place to retain the SEO and searching value that the subdomain provided? There are many pieces to the puzzle, so it’s really important to look at the whole ecosystem when deciding to drop domains.
10. Beware of blind spots
As vigilant as domain managers can be, they have broad responsibilities and therefore must watch out for hidden pitfalls. Blind spots can be avoided by relying on a network of peers and publications in the domain space which can deliver the most up-to-date information about domains.
Internal cybersecurity, IT, legal and marketing teams all provide useful perspectives. Also, external resources such as corporate domain registrars/vendors are especially helpful. Technology systems can also help in providing information 24/7. The more domain managers can enlist human and technological assistance to avoid blind spots, the more successful their domain endeavours are likely to be.
A day in the life of a domain manager is full of difficult decisions and the stakes are high. In addition to the top 10 tips described here, domain managers are well-served to commit to a culture of learning and adjusting to change.
Also, they are well-advised to take advantage of all internal and external resources including colleagues, corporate domain registrars and technology providers who are knowledgeable about aspects that affect domains.
Since domains cut across so many departments within an organisation, there is no place for silos and separation. When thrown into the deep end, domain managers can best stay afloat by educating themselves and building a strong stable of resources.
Recent posts from Nicole DelleDonne, Heather MacNeil