Jim worked at enterprise, Acme Co. His CEO, Wile E., was a genius innovator who wanted to get on the world wide web. So, Wile E. asked Jim to figure it out with the marketing team.
Jim was excited. He discovered a domain registrar, Network Solutions, plunked down the company credit card, registered the domain, and set up a Domain Name System (DNS) A Record and an MX record.
The marketing team did the HTML, and the business published its first website and email. Two dozen domains and microsites later, Jim got promoted and passed the management of the domains and DNS to the new IT Director, Carl.
Carl received a few more requests for domains from the IP and marketing teams. It was fun and not too difficult with one registrar, DNS provider and certificate authority, and a just a few internal stakeholders.
Then things started to accelerate. The new digital era was here. The growth in domains began to explode. ICANN was established. Several new domain Registrar competitors to Network Solutions emerged, driving down the costs per domain. As with any technological change, it was exciting and getting more complicated with many new internal stakeholders.
The IP attorneys wanted domains as part of a defensive registration strategy. The new "digital" group was growing and moving fast, and Carl was registering and managing domains for many internal clients at new registrars, GoDaddy and Tucows.
The newly empowered digital group wanted more control and started registering and managing domains and DNS on their own with their own registrar accounts. That was fine with Carl, as he was overloaded with other internal client needs. A couple of years later, Carl abruptly left the business, moving to Washington to take up whittling and salmon fishing. Everyone was happy for Carl.
During that period, Acme Co. CEO Wile E went on an acquisition trail, buying company after company. Roger took over as the IT Director responsible for domains, DNS, and certificates. He worked with other IT Directors from the newly acquired businesses, each with their own systems, various IP lawyers, some digital groups, product marketing and operations.
The shadow IT group in the now massive digital team did their own thing, which was also fine with Roger. This domain and DNS thing was getting painful, but it was never understood or managed holistically with a governance control process. Let the teams run their own stuff was an unwritten process.
Soon, though, credit cards started to fail, domains expired, systems crashed, costs grew, and Roger's IT team was constantly chasing domain, DNS, and certificate ghosts in reactive mode. In hindsight, it is easy to see that the DNS access was in many people's hands without clear ownership.
For example, Acme Co. didn't know how many domains they owned or where they were registered. In addition, the DNS was hosted at even more providers, and a few different Certificate Authorities were in use due to many stakeholders and shadow IT across the business.
Who owns this area? Roger manages some and relies on Ben, Katherine, Cynthia, Marvin and Sujeet across five different acquired business units, all doing their thing in siloed operating teams and systems. Roger then got promoted. In transition, he instructed everyone to renew their domains for five years so they would not have to worry about them anymore (until five years from now). He told them to ensure all accounts had company credit cards and to send the IP Attorney a list of all domains registered at the end of each year. Some did, and some did not. Roger had moved on
Then Ben left, Cynthia was promoted, Marvin moved into sales engineering, and Sujeet asked one of his administrators to deal with it. No one knows what happened to Phil. Phil had access credentials to several different registrars and DNS providers. It was never clear which ones he could access. Repeat. Repeat. Here we are today.
Who owns this area? It is a shared area with the different IT groups, shadow IT in digital, IP attorneys. So, all we know is that Carol controls our flagship .com domain and a few related product domains. The other domains must be with the IP team, although the new product marketing VP keeps registering new domains somewhere because he keeps asking for Ralph's help to point them to various partner destinations. Ralph took over from Roger after Roger moved to the product team.
It is 2023, and everyone is a stakeholder, but no one owns it across the business. So call it a shared responsibility, and HOPE no one lets one of those old domains expire that runs our production systems. Which domain is that? There are many, but no one knows which are critical until, of course, a domain expires.
The IT Director may be one of the most critical roles in any enterprise, but we cannot continue to push all this to him and his team; they need help. Yes, it's a problem and a pain for the team. There are vulnerability risks to the business, and we do not have change control over these assets.
We hope nothing bad happens to the various domains on which Wile E's innovation project is running. Wile E. will blow a gasket if we mess up those production systems. If you are an IT Director managing domains like 1999, it's time to rethink and modernize.
Contact Authentic Web to learn how easy it can be to consolidate your domains, DNS, and certificates to solve this problem, empower teams, address change compliance gaps, and mitigate DNS security vulnerabilities.