Chris Melka
Sr. Domain Strategy Consultant
Corporate domain name portfolios can be fractured for any number of reasons.
Sometimes — as is the case with rogue “outlier” domains registered by individual employees — holding domain names at multiple registrars is essentially accidental. In other cases — such as when business units operate independently or when an organization decides it’s in their best interest to hold domains at multiple registrars — the decision is intentional.
Most everyone would agree that this first type of fractured portfolio should be eliminated, and domains consolidated to a single registrar, allowing for a holistic view of domain name assets and reducing the risk of accidental expiry. It’s the second group we’ll address here.
Are the benefits of a split portfolio actually beneficial?
While Markmonitor believes that on-balance, consolidated domain management through a single registrar is the best choice, it would be disingenuous to disregard the counterarguments.
It’s not uncommon for corporate registrars to put forth the argument that splitting a domain name portfolio across two or more registrars is beneficial. As with much of life, black and white answers are rare, and decisions need to be made weighing the pros and cons of different courses of action.
There are serious implications to the decision to split a corporate portfolio across multiple registrars, and we’ll highlight some of the considerations which are frequently glossed over when being pitched the idea to split a portfolio.
What's the rationale behind so many registrars espousing a split domain name portfolio?
Let’s start with a simple question: If registrars lacking the ability to manage an enterprise-scale domain name portfolio across all TLDs suddenly had the ability to manage all domain names for a global business, would they still promote the idea of splitting domain name portfolios across multiple registrars?
The answer to this question informs the rationale for such arguments and more specifically, informs the topic of whether or not a registrar is working in your best interest or selling you a bill of goods.
Does registration complexity influence a registrar's stance on split domain name portfolios?
Why are many registrars — most retail registrars and a healthy number of corporate registrars — unable to manage all TLDs globally? The question dovetails with numerous considerations which should be included when deciding to keep domain names at a single registrar or spread them across multiple registrars.
While it’s relatively simple for registrars to become accredited to manage legacy gTLDs, new gTLDs, and some ccTLDs, there are dozens of ccTLDs with unusual accreditation requirements and stringent (and sometimes anachronistic) procedural policies.
One reason many registrars don’t receive accreditation in such ccTLDs is that they’ve judged their cost/benefit to be poor. Objectively this makes sense, particularly in the case of retail registrars. But if one’s customer base requires domain coverage across the entire ccTLD space, providing management capability for some but not all TLDs is questionable at best.
A second reason not all corporate registrars can manage all TLDs is it takes time and effort to receive accreditation with many ccTLD registries. Since our founding in 1999, Markmonitor’s focus has been providing a full suite of enterprise-focused domain name solutions for businesses, resulting in some of the deepest relationships which exist between registrar and registries.
A few concrete examples highlight this point:
Norway’s .no TLD requires a local registrant and also prohibits more than 100 domains to be associated with a registrant entity. For many years, Markmonitor has incorporated local business entities for each 100 .no domains under management, rather than outsourcing to a trustee service. Inconvenience, hassle, or added cost are not legitimate reasons for a corporate registrar to not offer .no management.
China has numerous unique requirements for both registrars and registrants operating active websites within China. Registrar requirements have meant that accreditation has been limited to in-country registrars; foreign businesses have simply not been able to meet PRC accreditation and usage requirements (Ministry of Industry and Information Technology or MIIT licensing and Internet Content Provider or ICP recordal, respectively).
Starting with the formation of Markmonitor Shanghai Information Technology Ltd. in 2018, Markmonitor began the arduous process of becoming certified to manage domain names tied to active websites with the appropriate Chinese regulatory agencies. Today, Markmonitor is the only non-native registrar accredited to manage domains with active domestic content in the .com, .net, and .cn TLDs within China, streamlining e-commerce time-to-market within China and eliminating the expansion of the IT attack surface that results from management of Chinese websites by a third-party registrar.
There are situations where your registrar should be willing to take actions which don’t maximize profit but do ultimately benefit their customers.
An argument based upon cost
What of cost?
A frequent argument for splitting domains across registrars is that pricing leverage results in reduced cost. Corporate registrar pricing is determined by the overall size and makeup of the portfolio. Splitting the portfolio makes it more difficult for each registrar to offer their most competitive pricing on every TLD. Corporate registrars reserve their best portfolio pricing for customers who commit to exclusivity.
While it may be true that some TLD-specific pricing victories can be obtained by using multiple registrars, the less visible and frequently overlooked cost is operational.
By increasing complexity of portfolio management, more employee hours are dedicated to managing the portfolio; resources needed to handle regular tasks like invoicing — particularly when a business needs to segment expenses internally — expand and wash out any modest gains in pricing. Having multiple domain name registrars also means multiple login credentials to manage, multiple onboarding requirements to meet, multiple terms and conditions to follow, multiple invoices to process and multiple customer services personnel to contact and manage.
An argument for registrar-to-registrar visibility
What of the argument that some registrar platforms allow for a consolidated view of domain names across multiple registrars? There may be some benefit here in terms of obtaining a holistic view of all domain assets, but no more so than managing all domain names through a single registrar; this is a solution in search of a problem.
An argument for data-rich registrar UIs
What about the value of UI-integrated domain name metrics?
Access to data is only beneficial to the extent that it provides a user clear takeaways and action items; data for data’s sake is a shiny bauble with little benefit, absent analysis.
While Markmonitor believes there is some benefit to integrated domain analytics, we also base development decisions on user behavior and needs. For each Markmonitor customer who has the time and inclination to roll up their sleeves and dig into domain name analytics, there are ten more who simply lack the bandwidth to do so. Most portfolio managers wear two hats, and portfolio management is a responsibility layered on top of ‘regular’ job responsibilities.
Markmonitor follows the design thinking product development approach, which requires a deep understanding of customer pain points to build the products which maximize value across our customer base. As we move through that process to create our next generation UI, we recognize that portfolio managers don’t simply need access to a glut of data, but they need assistance evaluating, synthesizing, and prioritizing portfolio goals and associated actions.
Behind every Markmonitor Domain Portfolio Advisor are research and strategy teams whose goal is to support customer process and strategy development by transforming raw data into coherent action plans.
An argument for security
Is there a security benefit to the multi-registrar model?
The argument is that a distribution of domain names across multiple registrars eliminates whole-portfolio breach risk. This is absolutely true. It also fails to align with the reality of security breaches, which target specific domain names rather than entire domain portfolios, and overwhelmingly occur at the registry rather than registrar level.
It’s critically important that your chosen registrar is on the leading edge of security best practices. Security practices should start with standards such as SOC 2 and ISO certification, be reinforced through independent 3rd party PEN testing, and productized through features like two-factor authentication (2FA), granular user permissions, DNSSEC, DNS monitoring, and registry lock.
Splitting a portfolio between registrars not offering the same level of robust security with the idea of risk reduction through fragmentation is a poor decision. In short, there is a reason that the domain names responsible for the majority of global internet traffic reside with Markmonitor.
An inevitable byproduct of a split portfolio is a widening of the external attack surface. The simplest way to understand the concept is that each and every nexus of internal systems and external systems introduces an additional point-of-compromise outside the control of the organization. Having some external attack surface is the price of business — every organization is to some extent reliant upon external vendors and partners whose role introduces its own potential point-of-compromise.
Breaches can result in data theft of customer and/or employee PII (personally identifiable information), theft of trade secrets or patented technologies, and in the specific case of domain names, theft or compromise of domain names or DNS hosting. Returning to the ‘on-balance’ question—what is gained and what is risked through an intentional widening of the attack surface?
Domain name portfolio consolidation: a net positive action
Markmonitor has long maintained that domain name portfolio consolidation is a net positive action. A portfolio split across registrars introduces value negative workflow redundancies while expanding the attack surface. If presented with the argument that splitting a corporate portfolio across registrars is beneficial, it’s important to ask — beneficial for who?
If you’d like to learn more about corporate domain name portfolio best practices, contact us using the button below.
