At the beginning of last year, MarkMonitor participated in VeriSign’s beta program to test server-level protections which were designed to mitigate the potential for unintended domain name changes, deletions and transfers. When VeriSign finally released their Registry Locking Program to all registrars, I expected to see the owners of highly trafficked sites flocking to this new offering.
However, after a review of the top 300 most highly trafficked sites, I was shocked to uncover that less than 10% of these valuable domains were protected using these newly available security measures.
So why aren’t more companies protecting themselves?
Given the value of these highly trafficked domains, I cannot imagine that the additional fees associated with employing this level of service are the deterrent.
I can only imagine that either the offering hasn’t been made widely available, or that confusion as to whether a domain is locked it to blame.
When it comes to domain locking, there is often quite a bit of confusion as to how to determine whether a domain is 1) “locked” within a portal, or 2) “locked” at the Registrar, or 3) “locked” at the Registry.
Only domains that have the following statuses are considered to be “locked” at the Registry, and cannot be modified using standard protocols.
- client delete prohibited
- client transfer prohibited
- client update prohibited
- server delete prohibited
- server transfer prohibited
- server update prohibited
For the owners of highly trafficked domains, I would strongly recommend adding this level of security to protect valuable domains. It is there for a reason, so why not use it?