Ensuring Domain Name Survival
I was listening to the Security Now Podcast the other day, and a GREAT topic came up that I wanted to write about. That topic, as covered by Leo and Steve, involves ownership (specifically registrants) of Domain Name System (DNS) records. I know from past experience, domain "ownership" never seems to be front-of-mind for many folks deciding to start a website. Whether you're simply looking to blog, or starting a new business, the focus tends to be on the outcome ("I have a new website") than the path to get there. In this article, I want to cover some of the common ways domains are registered and how you can protect your domain name should something ever happen.
Why the Registrant is Important
If you didn't already know, there is no such thing as domain "ownership." You cannot simply buy a domain name outright and own it forever. Rather, domain names fall under a model more akin to leasing. While it can vary from registrar to registrar, the amount of time and money for which you lease your domain name can vary. Just like a lease for a car or apartment, the contact information associated with your domain name provides the details for who is responsible for maintaining and paying for that domain name. This contant information is known as the registrant (or "Registered Name Holder"). Typically, the registrant is the person that pays to "lease" the domain name at the registrar. However, if you are not the registrant AND you need to make changes to your domain name (such as pointing to a new web server or email server), you may run into problems.
Here's where this usually goes awry:
- Scenario 1: You contract with a developer (or web design firm) to create a website for your new business. The developer registers the domain to deliver the website. The relationship with your web developer sours (and they are no longer renewing your "lease" on the domain name). Or perhaps the web development company closes. Either way, you decide to hire someone new to make changes, but you didn't have access to your domain name configuration panel.
- Scenario 2: Your business partner registered the domain name with their personal details. Unfortunately, your partner suffers unexpected health problems making them incapable of making changes (or altering the domain ownership).
So yes, you may have been using that domain name for years. But, if your name isn't anywhere in the registrar's records, you'll be gathering a LOT of paperwork to gain access.
How to avoid Registrant issues
When it comes to registering domain names, there are a few best practices that can help avoid registrant issues in the future.
- Use a secure password (and MFA): When you set up an account with a reputable domain registrar (Cloudflare, Google, Amazon, etc), use a shared mailbox email address and secure password for both the mailbox and registar account. You do not want communications about the account going to a single person, nor do you want to tie the registrar account to a single person (that could eventually leave the company).
- Assign domain ownership to a Company: If the domain name is business-related, register the domain using the corporate entity. Specifically, make sure your organization's legal name is listed in the Registrant Organization field, and the role-based or department-based name is listed in the Registrant Name field. Optionally, you can use Domain Privacy (a feature at most registrars) to hide contact information about the domain.
- Register the domain name for the longest possible length: A common source of problems with domain names is that the registration (lease) expires and then the domain is purchased by someone else.
- Plan ahead with payment details: Set the domain to auto-renew and be sure to provide multiple forms of payment on the account. If you simply provide a single credit card number, you run the risk of the card number no longer working at renewal and the renewal failing.
- Provide backup contact information: This particular step helps ensure that more than one person can retrieve the domain account. This is particularly important if the email address used to originally register the domain name is no longer valid (e.g. employee leaves company). Of particular importance, ensure the backup contact email address uses a domain component different than the domain name you've registered. If the domain registration expires or gets suspended, there will be no way to get the backup emails if the backup email address uses the same domain name!
As a side note, it's also important to lock your domain name after registering. This ensures that you don't run the risk of some unscrupulous people attempting to take over your domain by moving it to another registrar.
Final Thoughts
Domain Name management always seems like a set-and-forget type of task, but a little preparation can ensure you minimize impact to your business in unforseen circumstances. Feel free to share any domain name horror stories or tips I may have missed in the comments below!