CSC MultiLock provides the highest level of security by combining registry- and registrar-level locks with three-party manual authorization, as well as a WHOIS lock. It prohibits unauthorized deletions, transfers, and updates to your domains.
Adding this service to a domain prevents domain name changes at the registry-level without a manual verification process, significantly minimizing the risk of domain name system (DNS) hijacking. Changes can only be made when three independent parties provide authorization.
THREE REASONS WHY IT'S ESSENTIAL TO REGULARLY REVIEW YOUR DOMAIN LOCK PORTFOLIO
Your domain portfolio is constantly changing with the launch of new brands, the retirement of old ones, developing operations in new markets, as well as buying and selling businesses. Therefore, you need to both understand what your business-critical domains are at any given time, and ensure they have the right security in place—including domain locks.
At the same time, the domain registries are constantly updating their offering and processes, and as new domain extensions become available for locks, it's important to ensure you're taking advantage of them.
DNS hijacking is a constant threat, but it can be mitigated. Registry locks are the most effective preventive measure that should be put in place.
CSC AUTO-LOCK POLICY FOR VITAL DOMAINS
In 2019, the Internet Corporation for Assigned Names and Numbers (ICANN), the U.S. Department of Homeland Security, the National Cyber Security Centre (U.K.) and other leading security organizations—including Cisco® Talos, FireEye®, and Akamai—all urged governments and the global business community to take action to protect themselves from increased, widespread DNS hijacking attacks. One of the most important preventive actions discussed was registry locks for vital domain names.
Due to the increase in numbers and severity of DNS hijacking, CSC created an Auto-Lock Policy for all clients that use CSCDomainManagerSM. Clients have the right to opt-out of our Auto-Lock Policy, but given the increasing threat of DNS hijacking and the significant harm that can come from an attack, we highly discourage opting out. In addition, we strongly recommend that any decision to opt-out be made after consultation with the chief security officer (CSO), general counsel, or other senior leaders within an organization who are responsible for managing cyber security risk.
CSC SECURITY CENTER IDENTIFIES YOUR BUSINESS-CRITICAL DOMAINS
In 2018, we introduced CSC Security CenterSM, an innovative tool that helps important clients—like you—identify vital domain names within their portfolio and provide near real-time security insights into those assets, along with our other enhanced security protocols to protect our clients' domain name portfolios from cyber criminals, state-sponsored parties, and other malicious actors.
WE'RE READY TO TALK
Our specialists are ready to answer your questions about CSC MultiLock.