For a number of years, there have been many high-profile incidents in which major websites were defaced, taken offline, or crippled due to issues related to their domain registration. Last night, several high-profile domains went offline due to issues at their registrar, and they are now coming back online after what I am sure was a few crazy hours for their operations teams and management. (Network Solutions released a statement Thursday afternoon that the attack wasn’t malicious.)
Whether the cause is a social engineering hack, a defacement, or an operational error, a domain portfolio needs consistent management and a well-thought-out plan to deal with worst-case scenarios. I have spent a number of years designing for these worst-case scenarios for many large domain portfolios, and I wanted to provide some high-level guidance for domain owners and administrators on how to effectively prepare for such incidents.
Ensure That Your Organization Has A Well Thought Out Plan To Deal With A Domain Failure
Domain failures do happen, whether from human error, hijacking, or other causes. It is critical that the domain owners’ organization has a plan to deal with a failure, and that this plan is shared with the proper areas of the organization so everyone knows how to react when an issue comes up. I would also recommend reviewing this plan at least yearly to ensure that all people and processes are in alignment with it, and adjusting it accordingly, as things can and will change over time.
Know The Right People And Organizations To Contact
When an emergency hits, having the correct contacts for escalations is key. Whether it’s your registrar’s or your DNS provider’s contacts, or your internal teams and escalation points of contact, every minute counts when there is an outage. Make sure you have an updated contact list for anyone who can assist in restoring your domain(s) and services. Also, make sure that your registrar and DNS provider have your organization’s contact information and escalation list.
Do Not Use A Single Person To Manage Your Domains
This may seem like a simple concept, but having one person who controls everything creates a single point of failure, and opens your domains up to various failures if and when that person can no longer participate in managing them. Instead, use a chain of custody for your domains, with several layers of people who approve and implement changes. This allows for several people being unavailable at once (vacation, sick time, etc.).
Connect With People And Organizations That Can Help
There are many great people and organizations that work in the domain and DNS industry. Make sure you connect with them so that if and when a situation arises, you can reach out to them for assistance, and in turn, they may just reach out to you as well. They all hold meetings throughout the year and have active email lists that you can participate in. It is a great way to get to know people and companies in the industry, and the relationships you build may come in handy at some point: