Click here to close now.


News Feed Item

NCC Group Brings .trust to the Internet

NCC Group, the global information assurance specialist, has today announced its plans for .trust, a unique generic top-level domain (gTLD) that aims to provide a safer and more trustworthy Internet for both businesses and consumers.

A .trust domain will help protect an organization’s brand, reputation and sensitive customer information by enforcing the highest level of security and reliability. For consumers, it will provide a clear signal that a site is what it claims to be and is a safe place to do business, interact and share information.

Responding to the demands of the world’s online community, ICANN is currently operating a program to add thousands more gTLDs over the next few years. The majority of these new domains will be used to categorize companies and individuals into physical locations, industry segments or brands. In contrast, .trust has been created as a gated community to make the Internet more secure.

Rob Cotton, CEO at NCC Group said: “The Internet is a lawless world – ungovernable, unmanageable and insecure. Consumer confidence has gone, and businesses are at a loss at how to combat the risks.

“The new rollout of gTLDs is further changing the shape of the Internet. Cybersquatting and phishing were big issues with just 22 gTLDs, but with over 1,400 set to be introduced, these problems are set to get exponentially worse. The cost for a business to protect its online presence and purchase all possible domain combinations will also be extortionate.

“The benefits to businesses of having a .trust gTLD are immediately obvious. It will act as a key differentiator, bringing back consumer confidence by protecting customers as they transact and interact online.

“The Internet is set to change forever, and at NCC Group we are committed to changing it for the good, making it a safer place and introducing trust.”

Applicants for a .trust domain will have to verify their identify, ensure their organization is secure by complying to a strict and specific code of security policies and assure their infrastructure remains safe by undergoing regular compliance scanning.

The policies have been developed by a coalition of industry and NCC Group experts, and adhering to them will help provide comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy.

Cotton continued: “End users will come to recognize .trust as an island of trusted brands in a new confusing namespace.”

Pioneer businesses in San Francisco have been involved in the process of developing the security protocols for .trust for several months, and some of these will be among the first to take up the .trust domain when it is available for registration towards the end of Q3. Ultimately, brands with high customer data security needs—including banks and retailers—are expected to find .trust most appealing.

Notes to Editors – Further Details About .trust

NCC Group acquired from Deutsche Post the rights to the .trust gTLD application, for an undisclosed fee in February 2014.

What is .trust? .trust is a unique gTLD that will provide a safer and more trustworthy Internet. The .trust gTLD signals that a site is a safe website to interact and do business with. Organizations using .trust domains will be required to comply with rigorous security policies in order to prevent the use of .trust domains for malicious activity. A continual process of security review and improvement will help ensure those sites stay in compliance with .trust requirements.

Why use .trust? Under the .trust domain, organizations will be able to protect their brand, reputation and sensitive customer information with the highest level of security and reliability. Those who wish to join this online gated community will commit to rigorous security policies and procedures, and NCC Group will work with applicants to help them achieve these policies. These policies have been developed by a coalition of industry and NCC Group experts, and adhering to them provides comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy. The technical policies that shape .trust will ensure that members of the .trust community will be recognized as leaders in secure, trustworthy online transactions.

How does .trust work? The .trust gTLD creates a more trustworthy Internet through the application of three core principles by which we require applicants to abide:

  1. Verify: All applicants must submit identity documentation and proof of intellectual property and naming rights to help prevent misleading, abusive and malicious registrations. Organizations are verified so consumers know that .trust domains are representative of the brand they know and trust.
  2. Secure: All registrants must abide by the security control policies and procedures, giving consumers confidence that their online transactions conducted via .trust domains will be secure and trustworthy.
  3. Assure: Organizations within the .trust domain will be continually monitored for compliance with the .trust technical policies and will actively work with NCC Group experts to remediate identified issues.

How is .trust different from other TLDs? .trust websites will be differentiated by a high level of security and reliability, unprecedented on the Internet. Consumers will come to recognize .trust as an island of trusted brands inside a new, confusing namespace.

How is .trust more secure than other TLDs? Registrants of .trust domains will be required to adopt rigorous security policies that strictly prohibit malicious activity or the creation of vulnerabilities. The .trust service uses a unique, technology-driven process to automatically monitor domain owners for compliance with NCC Group’s best-in-class security policies. This process incentivizes and helps domain owners to quickly restore security when their sites exhibit web application flaws, network misconfigurations and other security violations.

To improve the end-to-end security experience for users of .trust and other domains, NCC Group is working with major Internet companies to implement new technologies into web browsers, email servers and operating systems. The end goal of the security policies is to create a seamless and safe experience whenever a user browses a website or emails someone on a .trust domain.

How are these rules enforced? Registrants in the .trust space agree to follow the security policies that NCC Group strictly enforces via monitoring .trust domains for network, web application, email and malware threats.

About NCC Group

NCC Group is a global information assurance firm, passionate about making the internet a safer place and revolutionising the way in which organisations think about cyber security.

Through an unrivalled and unique range of services, the company provides organisations across the world with freedom from doubt that their most important assets are protected and operational at all times.

Listed on the London Stock Exchange, NCC Group is a trusted advisor to more than 15,000 clients worldwide.

Headquartered in Manchester, UK, NCC Group has 20 offices across the world and employs over 1,000 of the brightest minds in information security, assurance and technology.

NCC Group delivers security testing, software escrow and verification, website performance, software testing and domain services.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
The modern software development landscape consists of best practices and tools that allow teams to deliver software in a near-continuous manner. By adopting a culture of automation, measurement and sharing, the time to ship code has been greatly reduced, allowing for shorter release cycles and quicker feedback from customers and users. Still, with all of these tools and methods, how can teams stay on top of what is taking place across their infrastructure and codebase? Hopping between services a...
In today's digital world, change is the one constant. Disruptive innovations like cloud, mobility, social media, and the Internet of Things have reshaped the market and set new standards in customer expectations. To remain competitive, businesses must tap the potential of emerging technologies and markets through the rapid release of new products and services. However, the rigid and siloed structures of traditional IT platforms and processes are slowing them down – resulting in lengthy delivery ...
As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ability. Many are unable to effectively engage and inspire, creating forward momentum in the direction of desired change. Renowned for its approach to leadership and emphasis on their people, organizations increasingly look to our military for insight into these challenges.
Achim Weiss is Chief Executive Officer and co-founder of ProfitBricks. In 1995, he broke off his studies to co-found the web hosting company "Schlund+Partner." The company "Schlund+Partner" later became the 1&1 web hosting product line. From 1995 to 2008, he was the technical director for several important projects: the largest web hosting platform in the world, the second largest DSL platform, a video on-demand delivery network, the largest eMail backend in Europe, and a universal billing syste...
Docker is hot. However, as Docker container use spreads into more mature production pipelines, there can be issues about control of Docker images to ensure they are production-ready. Is a promotion-based model appropriate to control and track the flow of Docker images from development to production? In his session at DevOps Summit, Fred Simon, Co-founder and Chief Architect of JFrog, will demonstrate how to implement a promotion model for Docker images using a binary repository, and then show h...
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and Containers together help companies to achieve their business goals faster and more effectively.
Nowadays, a large number of sensors and devices are connected to the network. Leading-edge IoT technologies integrate various types of sensor data to create a new value for several business decision scenarios. The transparent cloud is a model of a new IoT emergence service platform. Many service providers store and access various types of sensor data in order to create and find out new business values by integrating such data.
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction....
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at @DevOpsSummit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
DevOps and Continuous Delivery software provider XebiaLabs has announced it has been selected to join the Amazon Web Services (AWS) DevOps Competency partner program. The program is designed to highlight software vendors like XebiaLabs who have demonstrated technical expertise and proven customer success in DevOps and specialized solution areas like Continuous Delivery. DevOps Competency Partners provide solutions to, or have deep experience working with AWS users and other businesses to help t...
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
The broad selection of hardware, the rapid evolution of operating systems and the time-to-market for mobile apps has been so rapid that new challenges for developers and engineers arise every day. Security, testing, hosting, and other metrics have to be considered through the process. In his session at Big Data Expo, Walter Maguire, Chief Field Technologist, HP Big Data Group, at Hewlett-Packard, will discuss the challenges faced by developers and a composite Big Data applications builder, foc...
WebRTC services have already permeated corporate communications in the form of videoconferencing solutions. However, WebRTC has the potential of going beyond and catalyzing a new class of services providing more than calls with capabilities such as mass-scale real-time media broadcasting, enriched and augmented video, person-to-machine and machine-to-machine communications. In his session at @ThingsExpo, Luis Lopez, CEO of Kurento, will introduce the technologies required for implementing thes...
The cloud has reached mainstream IT. Those 18.7 million data centers out there (server closets to corporate data centers to colocation deployments) are moving to the cloud. In his session at 17th Cloud Expo, Achim Weiss, CEO & co-founder of ProfitBricks, will share how two companies – one in the U.S. and one in Germany – are achieving their goals with cloud infrastructure. More than a case study, he will share the details of how they prioritized their cloud computing infrastructure deployments ...
Chris Van Tuin, Chief Technologist for the Western US at Red Hat, has over 20 years of experience in IT and Software. Since joining Red Hat in 2005, he has been architecting solutions for strategic customers and partners with a focus on emerging technologies including IaaS, PaaS, and DevOps. He started his career at Intel in IT and Managed Hosting followed by leadership roles in services and sales engineering at Loudcloud and Linux startups.