In response to the website hack at The New York Times, I've seen some security experts advocate implementing domain-monitoring and domain-locking services. What value do domain security services offer, and what should enterprises look for in such services?
As illustrated by the Syrian Electronic Army's attack on the hosting provider Melbourne IT, offloading your domain-hosting needs may not be all that it's cracked up to be -- especially when you consider the number of high-profile domains Melbourne IT was hosting. What essentially happened was that Melbourne IT's systems were hacked, its credentials were stolen and many of its domains got redirected. This redirection of domains caused websites (including www.nytimes.com) to resolve to IP addresses that hosted malware. According to several security experts involved, utilizing domain-locking services would have stopped this attack dead in its tracks.
So, to answer your question, there is substantial value in domain security services, as they can often prevent unauthorized domain redirects. In addition, domain monitoring will alert domain administrators whenever changes are made to their Whois record.
But do these services provide 100% domain security? No. Domain services don't do much in the way of Border Gateway Protocol (BGP) redirects or other such attacks that happen outside of a network but nonetheless adversely affect it. However, if you are looking to prevent redirects and want to know about Whois record changes, these services can come in handy.
In terms of what an enterprise should look for in such offerings, I would first compare a number of vendors. If one has a reputation for being mistake-prone, look elsewhere. Secondly, evaluate the mechanics of how each vendor performs services. For example, is SSL encryption used? How are alerts delivered to domain administrators? Are there any specific components and devices that need to be embedded into existing infrastructure? These are just a few considerations that decision makers should take into account prior to finalizing a purchasing decision.
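The kind of check a domain-monitoring service performs, shown as an added example that is not from the original answer or any vendor's code: it diffs a current Whois record against a known-good baseline and flags name-server changes and removed lock statuses. The records are constructed samples and the function names are hypothetical; the lock names are the standard EPP status codes.

```python
import re
# EPP status codes that indicate a registrar- or registry-level lock.
LOCK_STATUSES = {f"{side}{op}Prohibited" for side in ("client", "server")
                 for op in ("Transfer", "Update", "Delete")}
WATCHED_FIELDS = ("name server", "registrar", "registrant email", "domain status")

def parse_whois(text):
    """Parse 'Key: value' Whois lines into {lowercased field: set of values}."""
    record = {}
    for line in text.splitlines():
        m = re.match(r"\s*([^:]+?)\s*:\s*(\S.*?)\s*$", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2)
        # Status lines carry a trailing ICANN URL; keep only the case-sensitive code.
        value = value.split()[0] if key == "domain status" else value.lower()
        record.setdefault(key, set()).add(value)
    return record

def diff_records(baseline, current):
    """Return alerts for watched-field changes and for dropped or missing locks."""
    old, new = parse_whois(baseline), parse_whois(current)
    alerts = []
    for field in WATCHED_FIELDS:
        before, after = old.get(field, set()), new.get(field, set())
        alerts += [f"ADDED {field}: {v}" for v in sorted(after - before)]
        for v in sorted(before - after):
            tag = "LOCK-REMOVED" if v in LOCK_STATUSES else "REMOVED"
            alerts.append(f"{tag} {field}: {v}")
    if not (new.get("domain status", set()) & LOCK_STATUSES):
        alerts.append("NO-LOCK no transfer/update/delete lock is set")
    return alerts

# Constructed sample records (reserved example names), not real Whois output.
BASELINE = """Domain Name: EXAMPLE.COM
Registrar: Example Registrar, Inc.
Name Server: NS1.EXAMPLE.COM
Name Server: NS2.EXAMPLE.COM
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
"""
CHANGED = """Domain Name: EXAMPLE.COM
Registrar: Example Registrar, Inc.
Name Server: NS1.ROGUE-DNS.EXAMPLE
Domain Status: ok https://icann.org/epp#ok
"""
if __name__ == "__main__":
    print("\n".join(diff_records(BASELINE, CHANGED)))
```

An unchanged record yields no alerts, so a scheduled run that produces any output is itself the signal to page the domain administrator.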