SAN FRANCISCO, February 23, 2015—CloudFlare, the leading Internet performance and security company, today launched CloudFlare Registrar, to bring large enterprises the highest level of security available and to protect their web domains from unauthorized changes. One of the biggest risks for high-profile customers is having their domains hijacked--meaning their sites are redirected or compromised without the site owner’s approval. Now, domain hijacking, domain expiration, or loss of control over an external account are all prevented with CloudFlare Registrar.
The security of a domain name is only as robust as the security of the registrar used to maintain it. Many domains on the Internet, even the highest-value domains belonging to large household name brands, are managed through consumer-focused registrars with limited security features. Domain hijacks--whether they are conducted by third party attackers or rogue employees--can be difficult to detect. What’s more, reclaiming a domain can be an arduous, expensive, reputation-damaging process that is never guaranteed.
“Customers who care enough about the security of their website to use CloudFlare are still at risk to domain hijacking via their registrar. By offering registrar services to CloudFlare Enterprise customers, we instantly eliminate the additional risk a third-party registrar may overlook,” said Matthew Prince, co-founder and CEO of CloudFlare. “Even in CloudFlare’s own search for a high-security registrar, we didn’t find anything that met our security standard. Rather than waiting for one to come onto the market, we built our own, fundamentally changing the way Registrar security is offered today.”
With CloudFlare Registrar, owners of high-value domains can protect themselves with enterprise-grade, customizable domain security and integrate domain renewal into their IT department workflow. This protects enterprises from the unexpected consequence of losing their domain, resulting in damage to their brand’s reputation, complete loss of their security functionality, control over their website’s content, and the potential to redirect web traffic to another IP address.
While domain hijacks have historically been outright web defacements or theft, an attacker can also choose be more subtle and proxy traffic to the original server, observing every user and tampering with any target. This is a particular risk for API providers (such as mobile application or IoT backends), where the hijacking of a domain can remain undetected while being exploited to compromise many applications.
Rather than limiting registrar account security to a single shared password or email address, customer can now require formal approval from multiple independent stakeholders within the organization to make any change. By adding friction to the process, it prevents the worst-case consequences of domain compromise. Web properties using CloudFlare Registrar will never expire; all domains will automatically renew when they have less than one year left on their registration term.
Domain name registrars, registry operators, and the governing body ICANN, have developed various security measures to protect domains and registrants--but they have not been widely implemented. "With other technologies like certificates, if anyone trusted is compromised, everyone is at risk. DNS isn't like that, you can manage your risk by choosing which registrar you trust. And the risk is significant, networks can be no safer than the DNS infrastructure that links them. CloudFlare integrating registrar security into their broad product line reflects a commitment to a deep level of security on the public Internet." said Dan Kaminsky, DNS security expert and chief scientist and co-founder of White Ops.
“CloudFlare Registrar isn’t for the masses, it’s for organizations that would make a front-page story if they lost their domains,” Prince said. “There are plenty of great mass-market registrars available today, but now high-profile organizations don’t need to settle for a one-size-fits-most security approach when it comes to their online brands.”
Interested CloudFlare Enterprise customers should contact their dedicated account managers to get started with CloudFlare Registrar. If you are not a current customer, learn how CloudFlare can help fully lock down your domains today.
CloudFlare, Inc. (www.cloudflare.com / @cloudflare) makes any Internet application lightning fast, protects them from attacks, ensures they are always online, and makes it simple to add web apps with a single click. Regardless of size or platform, CloudFlare supercharges Internet applications with no need to add hardware, install software, or change a line of code. The CloudFlare community gets stronger as it grows: every new site makes the network smarter. More than 5 percent of global Internet requests flow through CloudFlare's network; every month more than 2 billion people experience a faster, safer, better Internet. CloudFlare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world's 50 most innovative companies by Fast Company. CloudFlare has offices in San Francisco, Champagne, IL, Washington, DC, London, and Singapore