Domain Risk Management - Build vs. Buy


Our 3-part blog series concludes

We've come to learn in this blog series that while Domain Risk Management (DRM) can be a straightforward process, it is by no means easy to execute, especially at scale. As we've discussed, DRM includes the active management of typosquatting domains through both proactive acquisition and comprehensive, continuous threat discovery and assessment.

In this final blog in the series, the focus shifts to the decision criteria and considerations for making a build versus buy determination for an effective and scalable DRM program.

Considerations fueling the decision

DRM requires that, for every domain an organization owns, its likely typosquatting variations be discovered and assessed. If this process only concerns one or two domain names, then it will be relatively easy to leverage something like dnstwister to achieve this goal. However, what about an organization that has numerous domain names, say 5, 10, 20, or more? This is a problem that can’t be solved simply by scaling personnel (human capital).

In fact, as we've come to learn, DRM can quickly become a problem of seismic proportions, one whose magnitude necessitates a high level of automation at the core in order to power an effective program. Companies may choose to build a system in-house to perform this level of monitoring and detection. However, the takedown portion of the process typically requires legal expertise, drawing in the Legal team and rapidly driving up the cost of the operation.

For a small organization with a handful of domain names, an in-house manual operation is feasible, though it would not be as thorough as using a fully automated solution. It is possible to design a program that takes roughly four to eight hours a week of manual tasks. But if the domain portfolio grows disproportionately faster than the security team, this manual approach and program will tap out.
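To make the scaling argument above concrete, here is an added example (not code from this blog, Bolster, or dnstwister) that generates a deliberately small set of candidate typos per owned domain and totals them across a portfolio. The permutation rules, the same-row keyboard map, the TLD list and the domain names are assumptions chosen for illustration.

```python
# Added example: how many typosquat candidates a defender must assess
# as the number of owned domains grows. Rules are a simplified assumption,
# far smaller than what a real permutation engine produces.
ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"]    # same-row QWERTY neighbours only
ALT_TLDS = ("com", "net", "org", "co", "io")     # constructed sample list

def neighbours(ch):
    """Keys directly left and right of ch on its keyboard row."""
    for row in ROWS:
        i = row.find(ch)
        if i != -1:
            return row[max(i - 1, 0):i] + row[i + 1:i + 2]
    return ""  # digits and hyphens have no neighbours in this map

def variants(domain):
    """Candidate look-alike names for one owned domain."""
    label, _, tld = domain.lower().partition(".")
    names = set()
    for i, ch in enumerate(label):
        names.add(label[:i] + label[i + 1:])                   # omission
        names.add(label[:i] + ch + label[i:])                  # duplication
        for n in neighbours(ch):
            names.add(label[:i] + n + label[i + 1:])           # adjacent key
        if i + 1 < len(label):
            names.add(label[:i] + label[i + 1] + ch + label[i + 2:])  # swap
    # Drop empty labels, the original name and labels with edge hyphens
    names = {n for n in names
             if n and n != label and not n.startswith("-") and not n.endswith("-")}
    result = {f"{n}.{tld}" for n in names}
    result |= {f"{label}.{t}" for t in ALT_TLDS if t != tld}   # TLD swap
    return result

def portfolio_workload(domains):
    """Return ({domain: candidate count}, total candidates to assess)."""
    per_domain = {d: len(variants(d)) for d in domains}
    return per_domain, sum(per_domain.values())

if __name__ == "__main__":
    # Constructed portfolio; replace with the domains your organization owns.
    owned = ["example.com", "example-payments.com", "examplecloud.io"]
    counts, total = portfolio_workload(owned)
    for name, count in counts.items():
        print(f"{name:24} {count:4} candidates")
    print(f"{'total':24} {total:4} names to resolve and assess, continuously")
```

Each candidate still has to be checked for registration, resolved and assessed for malicious use, which is the part that does not scale with headcount.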

Laying it out - Build vs. buy

Here's a simple framework for considering and making the right decision for your business.

DRM - Build in-house

Pros:
● The capabilities of your DRM program are completely customizable, dependent upon your imagination and requirements.
● Since the program is built in-house, you will have knowledge of both your organization and the program should you need support.
● As your needs or requirements evolve, you have complete control over the program to adjust as you see fit.

Cons:
● Tremendous labor costs, especially if you leverage and build a software platform in-house.
● The program will be built by a team who may not be skilled in DRM, likely creating gaps in protection.
● Staff turnover exists in every organization. When the person who developed your program leaves, will it continue to run?

DRM - Buy as a service

Pros:
● Buying a DRM service offers you a turnkey program with immediate ROI, providing protection on Day 1.
● A professionally designed DRM will provide the greatest level of protection for your organization's domains.
● The ease-of-use of a DRM service all but eliminates the challenge presented by the skills shortage.

Cons:
● As a security practitioner, you need to consider anywhere your organization's data may exist, and a DRM service is no different. You must review the platform's data handling practices.
● You are shifting the operation of your DRM to a third party, so that third party must be selected carefully to ensure continuity of the service.
● Lack of customization may be a concern if your organization has unique challenges in the DRM space.

Final thoughts (the Bolster pitch)

We may be biased here, but we believe investing in a DRM service from a company like Bolster offers distinct advantages over attempts at an equivalent solution in-house. Some of the largest brands in the world believe this too, leveraging the out-of-the-box automation offered by Bolster to stand up a scalable and effective DRM solution quickly. Check out the success Zoom experienced, and continues to experience, with our service. Our solution is augmented further by computer vision, natural language processing, and deep learning to identify logos, images and content being used to hijack a company's brand across websites, social media platforms, app stores, marketplaces, email systems and search engines, so the coverage and protection are comprehensive.

When malicious conditions are discovered, the takedown process is initiated via API or other automated means with hosting companies, registrars, and content distribution networks, resulting in zero-touch takedowns measured in minutes and hours versus days and weeks. But that's for another blog series, so stay tuned.

***

Part 1: Domain Risk Management - Elements of an Effective Program

Part 2: Domain Risk Management Program - Discovering the Threats

Jeff Baher