It seems like every week, news of yet another high-profile domain hijacking occurs. Whether it\'s stolen credentials, SQL injection attacks, or even the work of disgruntled employees, the number of incidents has been on the rise.
At the beginning of last year, MarkMonitor participated in VeriSign\'s beta program to test server-level protections which were designed to mitigate the potential for unintended domain name changes, deletions and transfers. When VeriSign finally released their Registry Locking Program to all registrars, I expected to see the owners of highly trafficked sites flocking to this new offering.
However, after a review of the top 300 most highly trafficked sites, I was shocked to uncover that less than 10% of these valuable domains were protected using these newly available security measures.
So why aren\'t more companies protecting themselves?
Given the value of these highly trafficked domains, I cannot imagine that the additional fees associated with employing this level of service are the deterrent.
I can only imagine that either the offering hasn\'t been made widely available, or that confusion as to whether a domain is locked it to blame.
When it comes to domain locking, there is often quite a bit of confusion as to how to determine whether a domain is 1) \"locked\" within a portal, or 2) \"locked\" at the Registrar, or 3) \"locked\" at the Registry.
Only domains that have the following statuses are considered to be \"locked\" at the Registry, and cannot be modified using standard protocols.
client delete prohibited
client transfer prohibited
client update prohibited
server delete prohibited
server transfer prohibited
server update prohibited
For the owners of highly trafficked domains, I would strongly recommend adding this level of security to protect valuable domains. It is there for a reason, so why not use it?
Written by Elisa Cooper, Director of Product Marketing at MarkMonitor
