Home / Industry

TLD Security, Spec 11 and Business Implications

After successfully securing your new TLD, launching it, and executing on your meticulously devised marketing plan, the only other concern you face is Security.

Unfortunately, predicting exactly when and to what degree a security threat will occur can be difficult but you can take steps to make your new TLD a source of legitimacy and credibility.

You may ask: Why security? One obvious reason: Specification 11. As part of the ICANN Registry Agreement, registry operators are required to analyze and report on the security threats posed to their TLDs. To satisfy the requirement, you need to detect whether domains in your namespace are being used to perpetrate security threats.

Beyond Spec 11, there are substantial business reasons to make your TLD a safer neighborhood on the net. Abusive registrations and compromised domains hurt the reputation of your brand.

Your TLD is your brand. Malware and phishing are threats to its reputation, and abusive registrations and compromised domains hurt its value. As part of your brand, all the more reason to make it a safe and secure haven — and a trusted destination — for your customers.

Abuse can harm the growth of your business. Often brands site the damage to customer trust and their brand as the prevailing outcome of a security incident.

Making your TLD more secure sends a positive message. Taking action to protect the businesses and consumers within your namespace is a strong and positive message that resonates in today's business climate.

"Managing abuse in your namespace and meeting Specification 11 requirements is a valuable way for registry operators to distinguish their TLD," said Sean Baseri, a TLD security expert and registry security program manager for Neustar. "We've seen just how critical it is to include the detection of threats in our TLD services, which is why we offer it to our customers at no charge."

Bill Doshier, President of dotStrategy who runs .BUZZ, immediately realized the importance of leveraging automated tools and security investigators to identify and investigate malicious activity.

"Delivering a clean namespace and protecting our customers as well as the .BUZZ brand is of utmost importance to us," states Bill Doshier. "I know I can rely on our registry partner to conduct the technical analysis to assess security threats in accordance with ICANN Specification 11," he adds.

How do you make your namespace more secure from phishing sites, or sites that distribute malware or bots? Baseri suggests an ongoing effort that includes detection of security threats.

Detection. Reports from your customers and affected companies are a valuable source of intelligence. To gain better visibility, you can also actively monitor available sources of information about security threats, such as information from private security organizations and Internet, and external security data feeds from the information security community.

Investigation. After you've identified a site that may be a source of a security threat, you should verify it before taking any action. If a site is involved in a security threat, keep in mind that the site's owner may not be participating. A skilled attacker can compromise a legitimate website without the owner even knowing it. Often, notifying the registrar, who can contact the registrant, is a good next step.

Finally, make sure you document the actions and steps you took in order to create the necessary reports for ICANN, should they request them.

The only thing tougher than getting a new TLD is everything after. Neustar can help with everything after. Learn More


About Neustar – Neustar,Inc. (NYSE:NSR) is the first real-time provider of cloud-based information services and data analytics, enabling marketing and IT security professionals to promote and protect their businesses. Learn More

Related topics: Domain Names, Registry Services, ICANN, Malware, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Studying .BRAND New gTLDs

Trademarks and Domain Names Composed of Common Terms

A Case to Further DNS Registrar Industry Self-Regulation

Use STIX to Block Robocalls

How Long Does a URS Case Take?

Related News

Explore Topics

Promoted Post

Boston Ivy Gets Competitive With Its TLDs, Offers Registrars New Wholesale Pricing

With a mission to make its top-level domains available to the broadest market possible, Boston Ivy has permanently reduced its registration, renewal and transfer prices for .Broker, .Forex, .Markets and .Trading. more»

Industry Updates – Sponsored Posts

Radix Announces Largest New gTLD Sale with Casino.Online

2016 Year in Review: The Trending Keywords in .COM and .NET Domain Registrations

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

A Look at How the New .SPACE TLD Has Performed Over the Past 2 Years

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Neustar to be Acquired by Private Investment Group Led by Golden Gate Capital

Startup League Reports from WebSummit, Lisbon

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

.SPACE Becomes the Choice of the First Ever Space Nation Asgardia

Government Guidance for Email Authentication Has Arrived in USA and UK

Afilias Chairman Jonathan Robinson Wins ICANN's 2016 Leadership Award at ICANN 57

ValiMail Raises $12M for Its Email Authentication Service

MarkMonitor Supports Brand Holders' Efforts Regarding .Feedback Registry

Don't Gamble With Your DNS

8 Tips to Find Your Perfect .COM Domain Name

Why .com is the Venture Capital Community's Power Player

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

The .cancerresearch TLD: Search for Cure Drives Digital Innovation

Sponsored Topics