As a multinational company, you likely possess a portfolio of diverse brands, operate across international borders, and maintain a variety of websites. The process of getting these websites up and running involves your IT department configuring DNS records, a process that is often met with anticipation and enthusiasm by your Marketing team. However, the corresponding task of deleting these DNS records when a website becomes obsolete does not generate similar excitement or focus.
Why is this a challenge?
Leaving a record behind in DNS that is no longer linked to an active website is like keeping a record in your phonebook of a friend who has changed their phone number. When the new owner of the phone number calls you, you would initially think it is your friend. This is exactly what is known on the Internet as subdomain hijacking. (Read more)
What will happen if you don’t act?
Subdomain hijacking poses a significant cybersecurity risk for organizations. It occurs when malicious actors gain unauthorized access to a subdomain, exploiting it for phishing scams, malware distribution, or damaging the legitimate domain’s reputation. The consequences can include financial losses and severe damage to the brand reputation and customer trust. To mitigate this risk, organizations must implement robust security measures such as regular monitoring of DNS records, stringent access controls, and employee awareness training.
How can you solve it / What does the solution look like?
Identical to your phonebook, changes must be reflected. For a multinational owning 100+ domains, 35+ websites and maybe also several domains set up for mail, you need to have a monitoring system in place that gives you real-time insight into the actual behavior of a DNS record versus the desired behavior. For example, a DNS record setup for a website, should show a website and not an error page or redirect to another website. By using a monitoring system, you can protect yourself against subdomain hijacking.
How can the Nixon Team / Platform help you?
The Nixon platform can give you insights into your portfolio of websites. By using the CMDB functionality, you have a single source of truth, which you can eventually connect with your existing CMDB in ServiceNow. By comparing the expected behavior of the websites against the actual behavior, we can give you insights into the DNS records that do not match the expected HTTP status.
Besides your portfolio of websites, we can also do these for all domains you have purchased for Marketing, Communication, Defense or other reasons. By defining the purpose of a domain being purchased, which you can do in the Nixon Platform, we can give you insights into any differentiation between actual behavior versus expected behavior. Some of our clients use this information to clean up their huge portfolio of domain names.
What does success look like / what is the result?
By automating the monitoring of the behaviors of DNS records and automatically assigning clean-up tasks for unused records to the team responsible for the execution of DNS changes (IT), the risk of subdomain hijacking will belong to the past.
By automatically validating the purpose of a purchased domain against the actual behaviour, you can ensure Marketing and Legal teams that domains are set up as they were intended. In case the purpose is no longer valid, the domain can be lapsed resulting in an optimised domain portfolio.