Welcome!

News Feed Item

NCC Group Brings .trust to the Internet

NCC Group, the global information assurance specialist, has today announced its plans for .trust, a unique generic top-level domain (gTLD) that aims to provide a safer and more trustworthy Internet for both businesses and consumers.

A .trust domain will help protect an organization’s brand, reputation and sensitive customer information by enforcing the highest level of security and reliability. For consumers, it will provide a clear signal that a site is what it claims to be and is a safe place to do business, interact and share information.

Responding to the demands of the world’s online community, ICANN is currently operating a program to add thousands more gTLDs over the next few years. The majority of these new domains will be used to categorize companies and individuals into physical locations, industry segments or brands. In contrast, .trust has been created as a gated community to make the Internet more secure.

Rob Cotton, CEO at NCC Group said: “The Internet is a lawless world – ungovernable, unmanageable and insecure. Consumer confidence has gone, and businesses are at a loss at how to combat the risks.

“The new rollout of gTLDs is further changing the shape of the Internet. Cybersquatting and phishing were big issues with just 22 gTLDs, but with over 1,400 set to be introduced, these problems are set to get exponentially worse. The cost for a business to protect its online presence and purchase all possible domain combinations will also be extortionate.

“The benefits to businesses of having a .trust gTLD are immediately obvious. It will act as a key differentiator, bringing back consumer confidence by protecting customers as they transact and interact online.

“The Internet is set to change forever, and at NCC Group we are committed to changing it for the good, making it a safer place and introducing trust.”

Applicants for a .trust domain will have to verify their identify, ensure their organization is secure by complying to a strict and specific code of security policies and assure their infrastructure remains safe by undergoing regular compliance scanning.

The policies have been developed by a coalition of industry and NCC Group experts, and adhering to them will help provide comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy.

Cotton continued: “End users will come to recognize .trust as an island of trusted brands in a new confusing namespace.”

Pioneer businesses in San Francisco have been involved in the process of developing the security protocols for .trust for several months, and some of these will be among the first to take up the .trust domain when it is available for registration towards the end of Q3. Ultimately, brands with high customer data security needs—including banks and retailers—are expected to find .trust most appealing.

Notes to Editors – Further Details About .trust

NCC Group acquired from Deutsche Post the rights to the .trust gTLD application, for an undisclosed fee in February 2014.

What is .trust? .trust is a unique gTLD that will provide a safer and more trustworthy Internet. The .trust gTLD signals that a site is a safe website to interact and do business with. Organizations using .trust domains will be required to comply with rigorous security policies in order to prevent the use of .trust domains for malicious activity. A continual process of security review and improvement will help ensure those sites stay in compliance with .trust requirements.

Why use .trust? Under the .trust domain, organizations will be able to protect their brand, reputation and sensitive customer information with the highest level of security and reliability. Those who wish to join this online gated community will commit to rigorous security policies and procedures, and NCC Group will work with applicants to help them achieve these policies. These policies have been developed by a coalition of industry and NCC Group experts, and adhering to them provides comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy. The technical policies that shape .trust will ensure that members of the .trust community will be recognized as leaders in secure, trustworthy online transactions.

How does .trust work? The .trust gTLD creates a more trustworthy Internet through the application of three core principles by which we require applicants to abide:

  1. Verify: All applicants must submit identity documentation and proof of intellectual property and naming rights to help prevent misleading, abusive and malicious registrations. Organizations are verified so consumers know that .trust domains are representative of the brand they know and trust.
  2. Secure: All registrants must abide by the security control policies and procedures, giving consumers confidence that their online transactions conducted via .trust domains will be secure and trustworthy.
  3. Assure: Organizations within the .trust domain will be continually monitored for compliance with the .trust technical policies and will actively work with NCC Group experts to remediate identified issues.

How is .trust different from other TLDs? .trust websites will be differentiated by a high level of security and reliability, unprecedented on the Internet. Consumers will come to recognize .trust as an island of trusted brands inside a new, confusing namespace.

How is .trust more secure than other TLDs? Registrants of .trust domains will be required to adopt rigorous security policies that strictly prohibit malicious activity or the creation of vulnerabilities. The .trust service uses a unique, technology-driven process to automatically monitor domain owners for compliance with NCC Group’s best-in-class security policies. This process incentivizes and helps domain owners to quickly restore security when their sites exhibit web application flaws, network misconfigurations and other security violations.

To improve the end-to-end security experience for users of .trust and other domains, NCC Group is working with major Internet companies to implement new technologies into web browsers, email servers and operating systems. The end goal of the security policies is to create a seamless and safe experience whenever a user browses a website or emails someone on a .trust domain.

How are these rules enforced? Registrants in the .trust space agree to follow the security policies that NCC Group strictly enforces via monitoring .trust domains for network, web application, email and malware threats.

About NCC Group

NCC Group is a global information assurance firm, passionate about making the internet a safer place and revolutionising the way in which organisations think about cyber security.

Through an unrivalled and unique range of services, the company provides organisations across the world with freedom from doubt that their most important assets are protected and operational at all times.

Listed on the London Stock Exchange, NCC Group is a trusted advisor to more than 15,000 clients worldwide.

Headquartered in Manchester, UK, NCC Group has 20 offices across the world and employs over 1,000 of the brightest minds in information security, assurance and technology.

NCC Group delivers security testing, software escrow and verification, website performance, software testing and domain services.

http://www.nccgroup.com

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
@DevOpsSummit taking place June 6-8, 2017 at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @DevOpsSummit at Cloud Expo New York Call for Papers is now open.
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
In his session at 19th Cloud Expo, Claude Remillard, Principal Program Manager in Developer Division at Microsoft, contrasted how his team used config as code and immutable patterns for continuous delivery of microservices and apps to the cloud. He showed how the immutable patterns helps developers do away with most of the complexity of config as code-enabling scenarios such as rollback, zero downtime upgrades with far greater simplicity. He also demoed building immutable pipelines in the cloud ...
The cloud competition for database hosts is fierce. How do you evaluate a cloud provider for your database platform? In his session at 18th Cloud Expo, Chris Presley, a Solutions Architect at Pythian, gave users a checklist of considerations when choosing a provider. Chris Presley is a Solutions Architect at Pythian. He loves order – making him a premier Microsoft SQL Server expert. Not only has he programmed and administered SQL Server, but he has also shared his expertise and passion with b...
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
"IoT is going to be a huge industry with a lot of value for end users, for industries, for consumers, for manufacturers. How can we use cloud to effectively manage IoT applications," stated Ian Khan, Innovation & Marketing Manager at Solgeniakhela, in this SYS-CON.tv interview at @ThingsExpo, held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
@GonzalezCarmen has been ranked the Number One Influencer and @ThingsExpo has been named the Number One Brand in the “M2M 2016: Top 100 Influencers and Brands” by Onalytica. Onalytica analyzed tweets over the last 6 months mentioning the keywords M2M OR “Machine to Machine.” They then identified the top 100 most influential brands and individuals leading the discussion on Twitter.
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
Predictive analytics tools monitor, report, and troubleshoot in order to make proactive decisions about the health, performance, and utilization of storage. Most enterprises combine cloud and on-premise storage, resulting in blended environments of physical, virtual, cloud, and other platforms, which justifies more sophisticated storage analytics. In his session at 18th Cloud Expo, Peter McCallum, Vice President of Datacenter Solutions at FalconStor, discussed using predictive analytics to mon...
All clouds are not equal. To succeed in a DevOps context, organizations should plan to develop/deploy apps across a choice of on-premise and public clouds simultaneously depending on the business needs. This is where the concept of the Lean Cloud comes in - resting on the idea that you often need to relocate your app modules over their life cycles for both innovation and operational efficiency in the cloud. In his session at @DevOpsSummit at19th Cloud Expo, Valentin (Val) Bercovici, CTO of Soli...
Information technology is an industry that has always experienced change, and the dramatic change sweeping across the industry today could not be truthfully described as the first time we've seen such widespread change impacting customer investments. However, the rate of the change, and the potential outcomes from today's digital transformation has the distinct potential to separate the industry into two camps: Organizations that see the change coming, embrace it, and successful leverage it; and...
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service. In his session at 19th Cloud Exp...
Fact: storage performance problems have only gotten more complicated, as applications not only have become largely virtualized, but also have moved to cloud-based infrastructures. Storage performance in virtualized environments isn’t just about IOPS anymore. Instead, you need to guarantee performance for individual VMs, helping applications maintain performance as the number of VMs continues to go up in real time. In his session at Cloud Expo, Dhiraj Sehgal, Product and Marketing at Tintri, sha...
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...