Domain & DNS Management
A Strong Case for Business Process Management Improvements
Business Process Management (BPM) has transformed the world we live in since the days of Adam Smith. From auto manufacturing, to insurance claim processing, to ordering a drive-thru burger, business processes have been analyzed and transformed for the better with strategic business goals such as:
Product Quality • Operating Performance • Cost Reduction
Seriously. Burgers.Wendy’s Restaurants hired global consultants McKinsey to study the way orders were processed at drive-through locations. Detailed analysis of the chain of tasks comprising an end-to-end drive-through order revealed (among other things) that one key phrase in the order-taker’s voice script made a 7 to 10 second difference to order processing time:
Present Method of Operation (PMO) Script: “Hi, how are you today?”
Future Method of Operation (FMO) Script: “What can we get you today?”
It turns out that a seemingly trivial few seconds’ delay at the front end of the transaction process significantly impacted throughput, customer satisfaction, revenue, and cost per order. Business Process Management improvements typically yield 15% to 50% increases to product quality, productivity, and cost savings.
Organizations in every industry have many thousands of repeatable business processes characterized as a set of activities and tasks purposed to achieve a goal. Business Process Re-Engineering/Improvement (BPE/I) took off in the 1990s as organizations found opportunities to establish logical process order over activities that may have been unplanned, unstructured; and rife with errors, duplicated effort, and inefficiencies.
Business wisdom dictated that the biggest, gnarliest, most customer-facing processes in any organization be targeted for BPM makeovers first. Manufacturing, customer service and IT are perennial candidates for ongoing Business Process Management improvements.
Today, we live in the digital economy. The explosive growth of cloudification has generated new opportunities for BPM improvements owing to two important factors:
- Security threats have multiplied across a vastly expanded attack surface
- Legacy, manual processes managed in operating and system silos are obsolete
Corporate domain and Domain Name System (DNS) management operations stand out as an example for long-overdue business process improvement. Domain management has all the hallmark attributes of a necessary business process management improvement initiative:
- A complex chain of tasks, across multiple operating teams and departments
- Business stakeholders working in silos with undefined asset and process ownership
- Labor-intensive, high cost task management over a long asset ownership lifecycle
- Internal and external InfoSec risk factors linked to manual process errors and omissions
- Increasingly demanding governance and compliance requirements in the digital age.
Poor process can be squarely blamed for a growing number of high-profile domain and DNS security compromises such as the Sea Turtle attack, that have damaged large brands and organizations. Domain and DNS hijacking events invariably trace to a failure on the part of domain stakeholders to adequately monitor and secure their ever-growing domain portfolios and related DNS digital footprint. Security vulnerabilities abound when domains and subdomains proliferate in an organization, often managed across multiple registrars and managed DNS services. Legacy domains are forgotten, TLS certificates expire, DNSSEC keys fail, HTTPS errors persist, and Start of Authority (SoA) record gaps on the DNS all expose the business to threats.
It is a simple principle
External threats exist due to persisting internal causes related to obsolete business processes.
In organizations where operational ownership over the entire domain lifecycle is not clear, process gaps create security exposure. The DNS is unique in that it’s a ubiquitous and open system, visible to malicious parties able to monitor organizations for specific weaknesses to exploit. At the same time, internal IT staff lack visibility systems to understand their own infrastructure.
Given the widespread adoption of BPM initiatives in so many operational areas, it begs the question: why hasn’t domain and DNS management benefited from improvement to the same degree? Organizations themselves admit the unique issues hampering process improvement over domains and the DNS:
- Lack of clear corporate process ownership due to operating siloes makes problem identification and resolution hard to build initiative consensus
- Lack of priority perception compared to high-profile initiatives
- A perception that making changes to the DNS is difficult and risky
- A fragmented vendor ecosystem lacking systems-based process solutions
A prevailing attitude in many organizations suggests that domain and DNS management is under control. This thinking defies reality for DNS experts willing to take the time to investigate.
- Numerous credible security authorities including Homeland Security and the UK’s NSTC have identified the DNS as a major global risk for all organizations
- DNS audits on enterprise digital footprints reveal glaring security and DNS hygiene gaps
- Total Cost of Ownership of domain portfolios has increased several-fold in recent years
- New regulatory initiatives including the GDPR and The California Consumer Privacy Act (CCPA) have significantly raised the financial exposure organizations face in the event of a preventable DNS breach.
Business Process Management reviews and improvements are long overdue in organizations’ domain and DNS management operations. Our next article will show how the front-end of domain processing can be dramatically improved with speed, efficiency, improved security, and reduced cost.
- You instinctively know the business has DNS management gaps and security exposures
- You are not sure where or what to do about it
- Your network and IT security teams are already maxed out and likely not equipped
- You are not alone. We help enterprise teams GET and KEEP their DNS secure. It starts with an audit.