At a global average cost of $4 million per breach, it can be easy to view cybersecurity as a concern mostly meant for large corporations. Unfortunately, cybersecurity is often overlooked by many small businesses. Cybercriminals aren’t very picky when choosing between small businesses and corporations. According to Verizon, throughout 2020, 43% of security breach victims were small businesses. Additionally, 43% of all breaches involved compromised domain security, twice as many than in 2019.
Unfortunately, there is no single preventative measure that will guarantee immunity from web attacks. However, through combining a number of unique security measures, it is possible to significantly reduce the likelihood of a security breach. In this blog post, we are going to focus in on securing a specific segment of your online presence, your domains.
Domain Security Locks
Domain Locks “lock” a domain name so that it can’t be transferred or changed without the permission of the registrant. The registrant must “unlock” the domain before making changes. Domain Security locks work at three different levels.
The first and most basic level of security is an account lock. Account locks offer protection against domain theft, unauthorized transfers, deletions, and tampering. Account locks restrict access to a specific IP address to limit the threat of a password leak, or a rogue employee. An account lock can also be powerful protection for unapproved DNS changes or other components of your online presence such as business email, SSL etc.
Slightly more specific in its application is the registrar lock. As the name would suggest, the domain registrar manages these locks. Registrar locks are applicable to any domain names that you manage, preventing domain hijacking and changes to name-servers. Registrar locks also offer protection from domain theft, transfers, deletion, and updates.
The most powerful domain lock is the registry lock. The Registry Lock implements two layers of security from both the registrar and the registry to protect your domain name from any unauthorized changes. Support for registry locks is available for .ca, .com, .net, .info, .app, and 46 other domain extensions.
SSL Certificates are very important in securing data sent to and from your website. SSL Certificates encrypt information so that third parties cannot view or intercept it. There are many different options when it comes to SSL Certificates, so how do you determine which one is right for you?
When evaluating different SSL offerings, consider the number of domains you are looking to secure. Are you looking to secure a single domain, multiple domains, or a single domain with an unlimited number of sub-domains?
Once you have determined the number of domains you are looking to secure, then you will have to choose from one of three different validation options: domain validation (DV), organization validation (OV), and extended validation (EV).
Domain Validation (DV) SSL Certificates are the fastest to issue and use because a certificate authority only needs to verify domain ownership and registration info. DV certificates can be issued in a matter of hours.
While DVs are fast, inexpensive, and easy to use, they do not do an excellent job of communicating how secure your website is to users. Still, data encryption and ease of use are more than good enough in several cases. These are best for blogs, internal development environments, and smaller organizations.
Organization Validation (OV) certificates are a step up from DV Certificates. These take a little bit longer to authenticate, as a buyer must prove that it is a legitimate legal entity by providing the appropriate documentation. This is done to verify the ownership of a domain name.
A distinct advantage that the OV SSL certificates have, is that OV certificates come with a dynamic clickable site seal that displays validated company information. While not as feature rich as Extended Validation Certificates, OVs are perfect for smaller e-commerce websites that lack the budget to afford an EV, and need to communicate to users that they are a trustworthy vendor.
Extended Validation (EV) certificates are the most powerful when it comes to SSL Certification. The world’s largest brands more are more likely to use extended validation, as they clearly communicate security by presenting a green address bar on browsers. To purchase an EV certificate, the certificate authority must validate your organizational, physical, and operational existence. Part of the process is conducted manually to ensure legitimacy. The vetting process is extremely thorough and can take up to 5 business days to complete.
A Domain Name System (DNS) is one of the most understated elements of a secure internet connection. Simply put, DNS functions like a directory for the internet. Instead of searching for websites by using a numeric IP address, users can locate sites through domain names (webnames.ca). But more importantly, DNS, in its Anycast variant, offers protection against DDoS attacks, domain hijacking, pharming, and cache poisoning.
By purchasing a public domain, your personal information is entered into the public WHOIS directory. The WHOIS directory is publicly accessible, meaning that anyone can easily access your information if your domain is unprotected. Unprotected domains are liabilities. They are more likely to be stolen, and may significantly impact the financial welfare of a business. Domain privacy secures all your sensitive information by replacing it with standard contact information by a registrar. This includes your:
- Street Address
- City, Province, and Country
- Postal Code
- Phone Number
Webnames Account Security Measures
Webnames also offer advanced management tools to accommodate larger teams and provide great security. At Webnames, we know that different people on your team will interact with domains for several reasons. While it certainly speeds up the process to give everyone on the team equal access, it also increases the security risks to your domain portfolio. With our advanced management tools, empower your team and keep your portfolio safe with:
- Special permissions for each user, to give them the access that they need, while maintaining the security of your domain portfolio
- “Child” accounts for business units and clients. Control, manage and oversee Child access, pricing, billing, and account permissions
- An Account Activity Tracker to log of all the actions taken in your portfolio. Sort activity by domain, username, timestamp, and bill/invoice number.
- Bulk Domain tools to expedite the management of large domain portfolios. Conduct simultaneous updates on hundreds of domains all at once
- Two-Factor Authentication, to make sure your accounts never fall into the wrong hands
According to PWC, many business owners feel that COVID-19 has accelerated the digitization of their businesses. But as more businesses focus their efforts online, operating in unfamiliar territory, this has meant that cyberattacks are more likely than ever before. 2020 has brought a surge in intrusions, ransomware, data breaches, and phishing attempts. Building a comprehensive cybersecurity network is more important than ever. Securing your domains and your online presence is a great place to start.