The general availability of .MADRID, the geographical extension of Madrid, the capital city of Spain is near. Managed by the Comunidad de Madrid registry, this extension was launched last April following the calendar below:
Launching schedule
APL
period (Approved Launch Program): from 11/04/2019 to 06/06/2019
Sunrise
and LRP (Limited Registration Period) period: from 16/07/2019 to 10/12/2019
General availability: from
17/12/2019
Some requirements must be respected to register a .MADRID domain name. A .MADRID name’s registration is reserved to individuals or legal entities possessing a link with the Madrid Community:
Local
presence;
Professional,
personal, cultural or commercial activity in the Madrid Community;
Direct
or indirect link with the Madrid Community.
The date of the general availability planned for December 17 2019, is approaching, if you wish more information on your .MADRID registration, don’t hesitate to contact your Nameshield’s consultant.
Financial services companies are particularly affected by cyberattacks. They possess a wealth of information on the customers, protect their money and provide essential services which must be available day and night. They are a lucrative target. Among the favored lines of attacks: the DNS.
The Efficient IP’s Global DNS threat annual
report shows a constant growth of the DNS attacks’ number and the financial
impacts, with an average financial loss of 1.2 million euros in 2019. This
amount was estimated at 513 000€ in 2017 and 806 000€ in 2018.
If all the industries are affected by
cyberattacks, 82% of the companies surveyed have been affected and 63% have
suffered a traffic disruption, the financial industry pays a more important
price with 88% of impact. Conducted with 900 persons from nine countries of
North America, Europe and Asia, the study indicates that financial companies
suffered 10 attacks in average during the 12 last months, i.e. an increase of
37% compared to last year.
The increase of the costs is only one of the
DNS attacks’ consequences for the financial services industry. The most common
impacts are the cloud services’ downtime, experienced by 45% of financial
organizations, and internal applications downtime (68%). Furthermore, 47% of
financial companies have been the victims of frauds by phishing attacks aiming
the DNS.
The survey clearly shows the insufficient
security measures implemented for the DNS securing. The delay in applying security
patches is a major problem for the organizations of this industry. In 2018, 72%
of the interviewed companies admitted that a 3 days’ delay was necessary to
implement a security patch in their systems, 3 days during which they are
exposed to attacks.
Only 65% of the financial institutions use or
plan to integrate a trusted DNS architecture, they seem to be always late and not
to be sufficiently aware of the risks associated to this central point of their
infrastructure. The evolution of the threats on the DNS is constant, the attacks
are many and complex. It is essential to quickly react to better protect
yourself.
Industry, trade, media, telecom, health, education, government, service… many others sectors are affected by the attacks. Some solutions exist. ANSSI publishes every year the guide of good practices regarding the DNS resilience, which details many recommendations in order to be protected. Relying on an Anycast network; possessing a protection system against DDoS attacks; having a monitoring of DNS traffic and a team able to take action quickly; possessing an efficient security policy … As many measures essential to the resilience and efficiency of the DNS network against these damaging attacks in terms of financial and image impact.
Hoping to see at last better figures in the
2020 report.
During the first half of November, the 66th ICANN Summit was held in Montreal, Canada. This third and final annual summit devoted to policies applicable to Internet naming was eagerly awaited as the topics under discussion are numerous. At its closing, however, it left many participants a little bit disappointed.
A preview of the topics and postures during the weekend before the official launch of the Summit
The weekend
before the official opening of the Summit is usually an opportunity to get an
overview of the topics and postures involved. Not surprisingly, the expedited
Policy Development Process (ePDP) which aims to develop a consensus rule to
specify future conditions of access to personal data that are no longer
published in the WHOIS, the domain name search directory, due to GDPR, is one
of the major topics.
Among other
related topics, the replacement of the same WHOIS by the RDAP (Registration
Data Access Protocol) probably next year for generic domain names. This
replacement is not insignificant when we know that WHOIS has been in use for
nearly 35 years.
The body
representing governments, the GAC, has weighed up the issue of domain name abuse,
which has taken off considerably on the new generic extensions launched in
2012. When we know the rise of Internet practices aimed at weighing on
elections in certain countries and the economic impact of computer attacks and
hacking, we understand that this subject is being pushed by the GAC. While one
of ICANN’s topics is to clarify in their texts the notion of malicious uses, this
term refers to domains registered for phishing, malware, botnets and spam, the
other part concerns the means to stem them. The existence of abusive domains indeed
threatens the DNS infrastructure, impacts consumer safety and threatens the
critical assets of public and commercial entities. Finally, and not
surprisingly, the subject of a future round of new generic extensions has also
been on many lips.
Cherine Chalaby at the ICANN Summit held in Montreal
“The best ICANN summit”, really?
During the traditional opening ceremony, which brings together all the guests for one hour (2500 according to Goran Marby, ICANN CEO) in a huge room to listen to various speakers, including Martin Aubé of the Quebec Government’s Ministry of Economy and Innovation, Cherine Chalaby, one of the ICANN Board members whose term ends at the end of the year, told his audience that ICANN66 would be the “Best ICANN summit”. It must be said, however, that at the end of the week of debates and meetings, which followed one another at a sustained pace, while the subjects under discussion are really numerous, the feeling regarding this assertion was more than mixed for many participants.
First, the
expeditious process for access to WHOIS non-public data is progressing with a
framework constrained by ICANN and the Personal Data Protection Authorities.
The outcome of this process is envisaged between April and June 2020 and it is
currently a centralized model where ICANN would allow the future lifting of
anonymity of data that are now masked due to GDPR which holds the line.
Then the subject that was probably
most often mentioned during this new summit week concerned abuses with domain
names. For ICANN, the subject is central because it is directly correlated to its
totem: the stability of the Internet for which they are the responsible. Since
February 2019, ICANN has been publishing some metrics on malicious practices
identified through DAAR, their Domain Abuse Activity Reporting.
Their latest report presented in
Montreal shows that 364 extensions (mainly new generic extensions from the 2012
round) revealed at least one threat posed by one of the domain names activated
on these extensions. More worryingly, new generic extensions would still account
for nearly 40% of malicious uses, compared to 60% for historical generic
extensions. This figure should be highlighted with the volume of these two
categories of extensions. Indeed, out of just over 200 million generic names,
new generic domains represent only 15% of the total number of registered names.
ICANN therefore wants this subject to be taken up by the entire community
present in Montreal.
Proposals were made by the various bodies present, some of which went so far as to request a policy development process (PDP). This last proposal, if it were to obtain ICANN’s approval, would have the unfortunate consequence of postponing the hypothetical schedule for a next round of new extensions, a subject that interested many of the guests present in Montreal. Indeed, for ICANN, the problem of the concentration of malicious practices in the new generic extensions must be solved before any future round, so that the PDP still in progress on the review of the last round of 2012 has gone almost unnoticed.
If the rules are slow to evolve on malicious uses, your Nameshield consultant can already provide you with adapted solutions to your needs on this key matter.
Just one year ago, in the context of the first
Paris Peace Forum, the French President, Emmanuel Macron, launched the Paris
Call for trust and security in cyberspace. This call is a political
declaration aiming to express a mobilization on the stability in the cyberspace
and strengthens the efforts of the international community and many actors
involved in the digital security issues. This text reminds some principles that
we think are fundamental, like the application of the international rights and
the Human rights in the cyberspace. It also highlights the need of a multi
actors’ approach, to create standards which will allow us to fully benefit,
i.e. in a reliable and secure way, from opportunities provided by the digital
revolution.
Lastly, the Paris Call promotes the
strengthening of the digital products and services’ security that we use for
example, in our daily lives. The text aims in that sense, to prevent
cyberattacks perpetrated by malicious actors, which threaten all the users of
the cyberspace.
Aware that our Society’s development, on the
economic, cultural and democratic fronts, requires a strengthened trust of the
information that flows through the Internet, Nameshield, which has worked for
25 years to protect the digital identity of its clients; companies, local
collectivities and administrations through the use of their domain names,
wished to join this initiative and sign the Paris Call.
Its job consists in ensuring the integrity and
resilience of the identity of individuals and organizations on the Internet,
represented today by the domain name. By highly protecting data on domain name
identity cards (Whois) and by providing a high availability and high performance
service through the associated Domain Name System (DNS), Nameshield contributes
to a large extent to the second principle of the Paris Call: Protecting the Internet. To prevent activity that intentionally and
substantially damages the general availability or integrity of the public core
of the Internet.
Cornerstone of the Web, the Domain Name System (DNS) serves as the Internet directory. This protocol translates a domain name into an IP address, based on a database distributed on thousands of machines. If the DNS falls because of data corruption or a denial of service attack, all your websites and emails would become inaccessible, which is completely unthinkable nowadays! The DNS must be protected and must stay highly available.
Protocol created in the 1980’s, security flaws regarding the usual functioning of the DNS have been identified since its creation. That is why, a new secured protocol, DNSSEC, has thus been developed to ensure the authenticity of the exchanges through a certified signature. Other solutions can complete the resilience of your identity on the Internet: the registry lock, SSL certificates…
The security solutions proposed by Nameshield, an independent French company that stores its data in France and possesses its own anycast and resilient DNS infrastructure, certified ISO 27001 on all its domain names activity, are compliant with the ANSSI recommendations on the good practices regarding the domain names’ acquisition and exploitation.
In the context of the 2nd Paris Peace Forum, the Ministry of Foreign Affairs wished to illustrate the second principle of the Paris Call: Protect the Internet by highlighting the services proposed by Nameshield. The company is proud to be able to collaborate, at its level, with the actors implicated in digital security issues in order to make the Internet more reliable and thus contribute to the security of the cyberspace.
During a rebranding for marketing purposes, in the context of a merger or an acquisition for example, a company can change its website’s domain name.
At the search engines’ level, it is all the pages that change, as if this was a brand new website. Therefore, how not to lose the work done on the SEO and make a successful transition, in particular if the website is old?
In the case of a rather old website with an optimal referencing on the existing domain name, transferring a website on a new name can ruin the time-consuming work that is the SEO. If the decrease of the traffic from organic search is normal (and temporary), some advises can help lessen the downturn, at least during the transition period.
Copy identically your website and implement 301 redirections
The first tip is to completely keep the
website’s architecture, so that only the domain name changes in the URL.
Then, permanent redirections (301 redirections)
must be created from each pages of the former website towards the corresponding
page of the new website. Do not implement multiple redirections.
This process must be closely monitored to
ensure that each 301 redirection is effective. The search engines will know
that it’s not necessary to index the former name anymore but it’s the new one
that must be indexed now. To ensure this, it is necessary to check that none of
the former pages is accessible through the former domain name.
Have the backlinks updated
Google uses parameters linked to confidence
indicators in its algorithm, thus to trusted websites, deemed as such by the
search engine (indicators like the age of the website, the transparency of the
legal notices, the ratio links number/words number per page, the links number
pointing from other websites to this one, the extensions like .edu, .gov, the
institutional websites, media websites, etc.) Hence, it can be interesting to
quickly obtain the links from this kind of trusted websites at the time of the
migration.
Along the same lines, reviewing your backlinks
and requesting to the websites that refer to your website to update these
links, so they link towards the new name, is an advantage. Of course, if you
have many backlinks, concentrate on the more important backlinks regarding the
referencing.
Inform Google
Lastly, it’s possible to directly inform Google
of the changing through Google Search Console, the search engine will then
update its index.
Register the sitemap
By submitting a sitemap file for the new website to the search engines, you will gain time in referencing by immediately giving to the engines the pages to index.
Keep the same holder for the new domain name
Make sure that the new domain name has the same
proprietary information on its whois as the former domain name. Google may
check these data.
Be patient
Do note that on Bing you will need an average of 2 months to get your referencing back, and about 6 to 7 months on Google.
Following the launch of .APP, .PAGE, and .DEV
among others, Google (Charleston Road Registry), launches the new extension .NEW
in Sunrise period as of October 15, 2019.
Conditions for registration of a .NEW
In order to use a .NEW domain name, you will need to acquire an SSL certificate and deploy HTTPS. For reminder, the .NEW extension is included on the HSTS pre-upload list, requiring HTTPS protocol on all .NEW domain names (more details in the article “Google makes HTTPS encryption mandatory for its 45 new TLDs : .dev / .app / .how…”).
All
domains on .NEW must resolve to action generation or online creation
flows. Once resolved, the web user should be able to ‘create’ something without
any further navigation. For example, docs.new proposes a dedicated page proposing
the direct use of Google online word-processing software allowing a new
document creation page.
Any
.NEW
domain will need to be live within 100 days of registration.
If these conditions are not respected, the
registry will consider the registration as non-compliant with the registration
policy. In this case, the name will be placed on hold. The registrant will then
be notified to correct and apply these conditions, if no action is taken, the
domain will be blocked then deleted.
Launch calendar
Sunrise period: from October 15, 2019 to January 14,2020
LRP (Limited Registration Period): from January 14
to July 14, 2020
General availability:
from July 21, 2020
For more information on the conditions for registration of your .NEW, don’t hesitate to contact us.
Last October 15, Kaspersky, the antivirus software company, published an edifying report about the volume of cyberattacks directly aiming connected objects.
Although the industry expected that this new generation of objects would be directly targeted by cyberattacks, the increase in the cyberattacks number is alarming and lets easily imagine the security flaws that the connected objects present.
According to the estimation presented by
Kaspersky, between the beginning of 2018 until mid-2019, the attacks would have
reached the record of 105 million, i.e. nine times more than the previous year
as a whole.
In order to conduct this research, Kaspersky used the trap technique by deploying more than 50 honeypots across the world. A Honeypot is a program that imitates the connected objects’ signature specifically created to attract cybercriminals. It was then possible to detect attacks from pirates that fell into the trap set for them. According to Kaspersky, during this experience, more than 20 000 sessions would have been infected every 15 minutes. 105 million attacks from 276 000 unique IP addresses have then been detected (compared to 12 million in 2018).
Furthermore, the report indicates that both in
2018 and 2019, China and Brazil are vying for the top position of the countries
that served as the origin of the attacks launched.
The main malwares that use the security flaws
of connected objects are well known (Mirai for example) and identified.
While we are aware that IoT is a privileged
playground for pirates, the first security measures are far from being
systematically applied. It’s essential for example to change the password
installed by default for each connected devices’ purchase.
For reminder, although technologies of cyber
malice are indeed more and more sophisticated, the first gateway for pirates remains
the users’ lack of vigilance.
As of October 19, 2019, internationally-based EU citizens can now register .EU or .ею domain names.
The .EU is the country code top level domain for the European Union. More than 3.6 million registrations spread out across Europe make this TLD a popular extension. Initially, this extension is only reserved to companies and individuals residing within EU and EEA member states. However in order to meet the needs of an ever-changing digital environment, EURid, the .EU registry, changes this eligibility criteria to extend it to all EU citizens living around the world.
“We are
excited to be able to extend the registration criteria to EU citizens around the
world. The .eu domain is now closer to your ambitions, achievements and dreams.
It is the bridge connecting you to your friends and family – even if you live
outside the EU. It will always show your roots, your outlook, and your cultural
values.” – Marc van Wesemael, EURid`s CEO.
For more information on the conditions for registration of your .EU, don’t hesitate to contact us.
Argentina now offers the possibility to register .AR domain names. Until now, it was only possible to register third level domain names particularly in .COM.AR.
Here are the launching periods planned:
Sunrise period – From 11/09/2019 to 09/11/2019
Priority
to holders of domain names registered in the zones .com.ar, .net.ar, .org.ar,
.int.ar, .tur.ar, before December 1st, 2015 and in effect at August
27, 2019.
At
the end of this period, if only one request is received, the user who did the
request can register the domain name by paying the corresponding tax. If many
requests are received by the registry for the same name, the holder of the name
will be decided by drawing lots.
Intermediary period – From 27/11/2019 to 27/01/2020
During this period, all the community can request the registration of domain names available in .AR.
The reserved and restricted domain names are
excluded and some domain names will likely be subjects to approval.
Reserved domains: domain names identical to names registered in ‘.gob.ar’ and ‘.mil.ar’ are exclusively reserved to these names’ holders. To note: Even a domain name reserved in one of the .AR zones can be classified as reserved by the Argentinian registry.
Restricted domains: Even a domain name reserved in one of the .AR zones can be classified as reserved by the Argentinian registry, making these names unavailable for registration.
Terms
which are subjects to approval: normal words or expressions which, if they are
part of a domain name, must be approved by the Argentinian registry. They
include names that are aggravating, discriminatory or contrary to the law, to morality
or to good customs, or that could cause confusion, deception or identity theft.
Starting 15/09/2020, domain names available can be registered in .AR by any user, depending on the conditions set by the rules of the Argentinian registry.
For reminder, the registration conditions of the .AR include the providing of supporting documents.
If your current domain names portfolio doesn’t
have COM.AR, NET.AR, etc. and you wish to register a .AR at the time of the
general availability, we advise you to anticipate and to contact your
consultant to know the detail of the documents to provide.
Essential key element to any dematerialized data flow exchange, the domain name became a strategic intangible asset of great value. Depending on the academic works, there is a real correlation between the intangible assets’ quality and the companies’ economic performance. Identifying and valuating domain names becomes necessary for the financial director. Explanations in La revue de la Société Française des Analystes Financiers – SFAF (the journal of the French Society of Financial Analysts) of Jean-Manuel Gaget, Strategy and Consulting director of Nameshield and administrator of the Institut de Comptabilité de l’Immatériel (Intangible Accounting Institute).
In the 90’s, the domain name was an accessory
element of the brand. During its world expansion, it became the principal
element of the brand, in particular in the e-commerce’s world. You only need to
look at how Amazon or Easyjet have developed their logo to consider it as a
unique communication medium.
The domain name has this unique particularity to be an intangible asset with four dimensions. It is simultaneously:
An
IT object allowing to access services on the Internet by being the link between the IP address (a suite of
numbers) of a physical object [computer, server, smartphone…] and a literal
name (role of the Domain Name Server or DNS);
A
communication tool allowing to establish its identity on the Internet and gain
a digital territory;
A
legal element through a temporary contract with an Internet Registry;
A
financial asset, accountable as an intangible asset under certain conditions.
Now an essential key element to any
dematerialized data flow exchange, be it for email sending, the access to
websites, social networks and connected objects, any data exchange on the
Internet passes by the use of a domain name and any service disruption has
important consequences on the organizations’ activity.
Why and how to rate your domain name capital?
Today, the academic works, in particular carried by the French referential of the intangible capital’s measure “Thesaurus Capital Immatériel” (Thesaurus Intangible Capital) show a real correlation between the intangible assets’ quality and the companies’ economic performance. The higher the quality of the intangible assets is (human capital, information system capital, customer capital…), the stronger, more sustainable and economically efficient in the medium and long term the company’s fundamentals are. Hence the importance to measure the intangible capital and its evolution over time.
However, as much as literature is rich
regarding methods of brands valuation, it is near non-existent regarding domain
names. That is why in 2019, the Intangible Accounting Institute wished to enrich
the Thesaurus Intangible Capital with a specific section on the rating of the
domain name capital. In the same way that clients, Human, IT, knowledge… assets
are evaluated, we searched to evaluate the domain name capital in association
with the brand capital. Because brands and domain names are now inseparable!
Accounting principles applicable to domain names
In a decision of the French Council of State of
December 7th, 2016 (ebay.fr case), it is reminded that if the use of a domain
name:
Represents
a constant source of profits;
Has
a sufficient sustainability (particularly if it can be regularly renewed);
Is
likely to be transferred;
Then it is an intangible asset of the company and must follow the associated accounting and tax rules. As such, the domain names have to be accounted either at their creation cost, at their acquisition value, or at their current value (market value) for the ones acquired free of charge. The domain names are then not to be considered as a simple IT workload, but as real assets that should be managed at fair value. As such, further attention on tax issues related to domain names’ value must be given within the context of the transfer prices.
The market approach aims to measure the
semantic value of a domain name by reference to the monetary transactions
passed. To that end, we have developed a database of more than 1.4 million
transactions passed. This approach allows to give a price value by comparable.
Aim: to measure the digital performance of the organizations
These three approaches of domain names valuation
by historical costs, the market and the loss, combined to the domain name
capital rating are tools that should be at the disposal of the financial
directions so they can better measure the digital performance of their
organizations.
Nameshield uses cookies
Nameshield wishes to use cookies to ensure the proper functioning of the site and, with our partners, to measure its audience🍪.
Nameshield wishes to use cookies to ensure the proper performance of the website and, with our partners, to monitor its audience. More information in our Cookie Policy 🍪.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-advertisement
1 year
Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent
1 year
Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie
Duration
Description
_ga
2 years
The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_25904574_14
1 minute
Set by Google to distinguish users.
_gid
1 day
Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Cookie
Duration
Description
NID
6 months
NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads.
![[New gTLD] Launch of .NEW by Google](https://blog.nameshield.com/wp-content/uploads/2019/12/Sortie-du-.new-Google-1200x743.jpg)
![[New gTLD] Launch of .NEW by Google](https://blog.nameshield.com/wp-content/uploads/2019/12/Sortie-du-.new-Google.jpg)
