Posted In: African Domains, Domain Security, Generic Domains

Google Domain Hijacked in Kenya – Why Domain Security Should Be Your First Priority was briefly redirecting users to a site with the slogan “hacked” on a black background Monday morning, as reported by Daily Nation. The company explained that it was the domain name server (DNS) which hosts that was compromised.

Known as a DNS hijack, the perpetrators re-direct users to a different site when the user attempts to visit the original site.

Whether you own 1 domain or over 100, domain security today is more important than ever. How much revenue, good will, brand loyalty, and consumer reputation can be lost in just 1 day of downtime? If a company as large and with pockets as deep as Google can lose control over their main search portal for an entire country for a day, what can we, as mere mortals, do to protect ourselves?

2-Factor Authentication by SymantecDomain security is a tricky business; we need to balance usability with compartmentalization and progressive layers of authorization.  How many times has TSA been criticized with providing too much security?  The same happens in our everyday lives: “You want my ID to run my credit card? How irritating!”

Luckily not every problem must be met with the same solution. Here are some of the common and not-so-common tools offers to help keep control of your domain where it belongs:

  • 2-Factor Authentication by Symantec – 2-factor authentication is an extremely reliable and secure form of security.  Available as a credit card size device or an iOS or Android app that generates a unique one-time security code with the press of a button necessary to log in to your account.  You can activate up to 3 cards per account and use them to secure popular sites like PayPal and eBay.
  • Domain Locking – Prevents your domain name from being updated or transferred without you first unlocking your domain from within your account.  This is the most common form of domain security and if your registrar does not offer this, I would think long and hard about whether security is a priority for them.
  • IP Access Logger – Track all IPs that have logged into your account. This can help you to identify and take further action on any suspicious activity.
  • IP Account Lock – Specify up to 3 static IP addresses that may access your account. Not all nefarious plots originate from overseas.  Sometimes our worst enemy used to occupy the office next door. Disgruntled ex-employees account for a staggering amount of damage, and often times they maintain access to systems they should not after they leave your workplace. By ensuring that your domain portfolio must be accessed within your office building lowers the possibility of offsite sabotage tremendously.
  • Portfolio Secure – Freezes your account from all unauthorized critical changes. Compartmentalize control of your domain portfolio.  Give key, core players’ access to the critical, and sensitive, changes that you may need to access through the life of your domains, such as: DNS Records, Security Settings, Passwords, forwarding, Transfer Authorization codes, etc…

Whatever registrar you use, make sure to remind them that security is paramount. Do not settle for smoke and mirrors; make sure you are truly protected.  It’s a dangerous cyber world out there, don’t go it alone!

To read more about Security Options, Click Here.