Digital Assets Management: A Myth or an Unsolved Mystery?
Jayce Yeo, APAC Regional Director, CSC
Jayce Yeo, APAC Regional Director, CSC
- Do you know how many corporate domain names your organization has?
- Do you wonder which ones are the most valuable?
- Who manages these domain names and other digital assets on your company’s behalf?
- And if this person were to leave the company, do you know what legacy information is tied to that employee?
What are digital assets?
All of the above are pertinent questions in today’s world. Even the most internet savvy companies can do more in digital asset management. First, what are digital assets? Simply, CSC defines digital assets as domain names, the domain name system (DNS), and digital certificates like secure socket layer (SSLs). These digital assets are the foundational building blocks of business viability and operation.
- You need a domain name to operate a website.
- Your DNS enables the visibility of your web content.
- Your digital certificates help users feel secure when making transactions on your platforms (indicated by the padlock you see on your web address bar).
In reality, these foundational assets help ensure your website, email, and corporate applications are running smoothly (much like electricity powering your house).
Digital assets sit outside the firewall
Despite their importance, one overlooked fact is that these digital assets sit outside a company’s firewall. These are often managed with third-party providers, which means you are only as secure as your weakest vendor. These critical assets easily become security blind spots that cyber opportunists can leverage as points of entry to launch their attacks. The consequences of such attacks can range from website redirection (to a phishing site, for example), business email compromise, network breaches, fines, and brand reputation damage. If you search the news, you’ll read about corporations falling prey to DNS and domain hijacking, resulting in loss of control of their web properties and even financial loss.
Inherent risks to digital asset management
It’s important to understand the risks posed by the lack of or mismanagement of digital assets. Key risks include:
- Change of personnel or custodians of corporate digital assets – No transfer of knowledge and zero visibility to digital assets activity.
- Lack of proper accounting of digital assets – Lack of understanding where assets are distributed within an organization (at group and local levels); you can’t control what you don’t know about.
- Not using enterprise-class providers with strong security protocols – You’re only as good as your weakest link; don’t partner with a provider that can get compromised due to lack of proper security controls, leaving your data vulnerable.
Best practices
With the right approach, organizations can manage them properly and be in compliance with internal and industry guidelines. Consider implementing the following:
Keep access to vendor accounts limited to necessary users only. Ensure vendor portals allow implementation of additional security measures like two-factor authentication and IP validation.
Consider single sign on to control user credentials.
Consolidate vendors where possible. Fewer portals and vendor accounts also means fewer credentials to manage. Most importantly, use an enterprise-class provider who puts security top of mind and implements a defense-in-depth approach for their own environment and for managing customers’ digital assets.
Download our free best practice guide, “When People Change Roles” >>
Why CSC?
Founded in 1899, CSC is the world’s leading provider of business, legal, tax, and digital brand services to companies around the globe. With headquarters in Wilmington,
Delaware, and offices throughout the U.S., Canada, Europe, and the Asia-Pacific region, we are the preferred solutions provider for 90% of the Fortune500®, over half of the 100 Best Global Brands (Interbrand®), and growing share of the Global 2000®.
We provide solutions for every phase of the business life cycle—from helping form entities and maintain compliance, to support for other corporate transactions and online brand protection.
As the leading and most security conscious enterprise-class domain name registrar, the Digital Brand Services division of CSC helps the world’s largest corporations protect against security blind spots by mitigating the risks of domain name, DNS, and subdomain hijacking, domain spoofing, domain shadowing, and other attacks that compromise business-critical applications.
CSC also leads in brand and fraud protection initiatives. We monitor, detect, and enforce against the unauthorized use of brands and fraudulent attempts across all online channels. CSC offers domain monitoring and brand protection in one platform—making it easy for clients to identify infringements and take immediate action.
We’re committed to educating our clients and industry stakeholders on known security blind spots. We provide clients with industry intelligence through regular reports, newsletters, and white papers, including:
- Digital Brand Insider – Top-level domain and new generic top-level domain updates (launch information including rules and regulations); the latest news in corporate domain management, cyber security, and online brand protection.
- Regular webinars – Online events of industry-specific topics presented by CSC industry experts.
- Industry seminars – Special events where CSC clients and prospects meet and learn from peers.
- Training – A range of complimentary training sessions on all of our services and industry best practices.
We constantly challenge ourselves to set the bar higher to exceed quality standards in our brand, compliance, and governance services. We listen to our clients’ wants and needs, and we keep our finger on the pulse of the changing industry to make sure we provide innovations that help our clients perform at their best.
