Welcome!

News Feed Item

NCC Group Brings .trust to the Internet

NCC Group, the global information assurance specialist, has today announced its plans for .trust, a unique generic top-level domain (gTLD) that aims to provide a safer and more trustworthy Internet for both businesses and consumers.

A .trust domain will help protect an organization’s brand, reputation and sensitive customer information by enforcing the highest level of security and reliability. For consumers, it will provide a clear signal that a site is what it claims to be and is a safe place to do business, interact and share information.

Responding to the demands of the world’s online community, ICANN is currently operating a program to add thousands more gTLDs over the next few years. The majority of these new domains will be used to categorize companies and individuals into physical locations, industry segments or brands. In contrast, .trust has been created as a gated community to make the Internet more secure.

Rob Cotton, CEO at NCC Group said: “The Internet is a lawless world – ungovernable, unmanageable and insecure. Consumer confidence has gone, and businesses are at a loss at how to combat the risks.

“The new rollout of gTLDs is further changing the shape of the Internet. Cybersquatting and phishing were big issues with just 22 gTLDs, but with over 1,400 set to be introduced, these problems are set to get exponentially worse. The cost for a business to protect its online presence and purchase all possible domain combinations will also be extortionate.

“The benefits to businesses of having a .trust gTLD are immediately obvious. It will act as a key differentiator, bringing back consumer confidence by protecting customers as they transact and interact online.

“The Internet is set to change forever, and at NCC Group we are committed to changing it for the good, making it a safer place and introducing trust.”

Applicants for a .trust domain will have to verify their identify, ensure their organization is secure by complying to a strict and specific code of security policies and assure their infrastructure remains safe by undergoing regular compliance scanning.

The policies have been developed by a coalition of industry and NCC Group experts, and adhering to them will help provide comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy.

Cotton continued: “End users will come to recognize .trust as an island of trusted brands in a new confusing namespace.”

Pioneer businesses in San Francisco have been involved in the process of developing the security protocols for .trust for several months, and some of these will be among the first to take up the .trust domain when it is available for registration towards the end of Q3. Ultimately, brands with high customer data security needs—including banks and retailers—are expected to find .trust most appealing.

Notes to Editors – Further Details About .trust

NCC Group acquired from Deutsche Post the rights to the .trust gTLD application, for an undisclosed fee in February 2014.

What is .trust? .trust is a unique gTLD that will provide a safer and more trustworthy Internet. The .trust gTLD signals that a site is a safe website to interact and do business with. Organizations using .trust domains will be required to comply with rigorous security policies in order to prevent the use of .trust domains for malicious activity. A continual process of security review and improvement will help ensure those sites stay in compliance with .trust requirements.

Why use .trust? Under the .trust domain, organizations will be able to protect their brand, reputation and sensitive customer information with the highest level of security and reliability. Those who wish to join this online gated community will commit to rigorous security policies and procedures, and NCC Group will work with applicants to help them achieve these policies. These policies have been developed by a coalition of industry and NCC Group experts, and adhering to them provides comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy. The technical policies that shape .trust will ensure that members of the .trust community will be recognized as leaders in secure, trustworthy online transactions.

How does .trust work? The .trust gTLD creates a more trustworthy Internet through the application of three core principles by which we require applicants to abide:

  1. Verify: All applicants must submit identity documentation and proof of intellectual property and naming rights to help prevent misleading, abusive and malicious registrations. Organizations are verified so consumers know that .trust domains are representative of the brand they know and trust.
  2. Secure: All registrants must abide by the security control policies and procedures, giving consumers confidence that their online transactions conducted via .trust domains will be secure and trustworthy.
  3. Assure: Organizations within the .trust domain will be continually monitored for compliance with the .trust technical policies and will actively work with NCC Group experts to remediate identified issues.

How is .trust different from other TLDs? .trust websites will be differentiated by a high level of security and reliability, unprecedented on the Internet. Consumers will come to recognize .trust as an island of trusted brands inside a new, confusing namespace.

How is .trust more secure than other TLDs? Registrants of .trust domains will be required to adopt rigorous security policies that strictly prohibit malicious activity or the creation of vulnerabilities. The .trust service uses a unique, technology-driven process to automatically monitor domain owners for compliance with NCC Group’s best-in-class security policies. This process incentivizes and helps domain owners to quickly restore security when their sites exhibit web application flaws, network misconfigurations and other security violations.

To improve the end-to-end security experience for users of .trust and other domains, NCC Group is working with major Internet companies to implement new technologies into web browsers, email servers and operating systems. The end goal of the security policies is to create a seamless and safe experience whenever a user browses a website or emails someone on a .trust domain.

How are these rules enforced? Registrants in the .trust space agree to follow the security policies that NCC Group strictly enforces via monitoring .trust domains for network, web application, email and malware threats.

About NCC Group

NCC Group is a global information assurance firm, passionate about making the internet a safer place and revolutionising the way in which organisations think about cyber security.

Through an unrivalled and unique range of services, the company provides organisations across the world with freedom from doubt that their most important assets are protected and operational at all times.

Listed on the London Stock Exchange, NCC Group is a trusted advisor to more than 15,000 clients worldwide.

Headquartered in Manchester, UK, NCC Group has 20 offices across the world and employs over 1,000 of the brightest minds in information security, assurance and technology.

NCC Group delivers security testing, software escrow and verification, website performance, software testing and domain services.

http://www.nccgroup.com

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Yuasa System will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Yuasa System is introducing a multi-purpose endurance testing system for flexible displays, OLED devices, flexible substrates, flat cables, and films in smartphones, wearables, automobiles, and healthcare.
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant tha...
Organizations do not need a Big Data strategy; they need a business strategy that incorporates Big Data. Most organizations lack a road map for using Big Data to optimize key business processes, deliver a differentiated customer experience, or uncover new business opportunities. They do not understand what’s possible with respect to integrating Big Data into the business model.
The session is centered around the tracing of systems on cloud using technologies like ebpf. The goal is to talk about what this technology is all about and what purpose it serves. In his session at 21st Cloud Expo, Shashank Jain, Development Architect at SAP, will touch upon concepts of observability in the cloud and also some of the challenges we have. Generally most cloud-based monitoring tools capture details at a very granular level. To troubleshoot problems this might not be good enough.
Nordstrom is transforming the way that they do business and the cloud is the key to enabling speed and hyper personalized customer experiences. In his session at 21st Cloud Expo, Ken Schow, VP of Engineering at Nordstrom, will discuss some of the key learnings and common pitfalls of large enterprises moving to the cloud. This includes strategies around choosing a cloud provider(s), architecture, and lessons learned. In addition, he’ll go over some of the best practices for structured team migrat...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, will discuss how from store operations...
As people view cloud as a preferred option to build IT systems, the size of the cloud-based system is getting bigger and more complex. As the system gets bigger, more people need to collaborate from design to management. As more people collaborate to create a bigger system, the need for a systematic approach to automate the process is required. Just as in software, cloud now needs DevOps. In this session, the audience can see how people can solve this issue with a visual model. Visual models ha...
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, will discuss how they bu...
SYS-CON Events announced today that Dasher Technologies will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Dasher Technologies, Inc. ® is a premier IT solution provider that delivers expert technical resources along with trusted account executives to architect and deliver complete IT solutions and services to help our clients execute their goals, plans and objectives. Since 1999, we'v...
When it comes to cloud computing, the ability to turn massive amounts of compute cores on and off on demand sounds attractive to IT staff, who need to manage peaks and valleys in user activity. With cloud bursting, the majority of the data can stay on premises while tapping into compute from public cloud providers, reducing risk and minimizing need to move large files. In his session at 18th Cloud Expo, Scott Jeschonek, Director of Product Management at Avere Systems, discussed the IT and busine...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities – ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups. As a result, many firms employ new business models that place enormous impor...
SYS-CON Events announced today that TidalScale, a leading provider of systems and services, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. TidalScale has been involved in shaping the computing landscape. They've designed, developed and deployed some of the most important and successful systems and services in the history of the computing industry - internet, Ethernet, operating s...
In his session at 21st Cloud Expo, James Henry, Co-CEO/CTO of Calgary Scientific Inc., will introduce you to the challenges, solutions and benefits of training AI systems to solve visual problems with an emphasis on improving AIs with continuous training in the field. He will explore applications in several industries and discuss technologies that allow the deployment of advanced visualization solutions to the cloud.
We all know that end users experience the Internet primarily with mobile devices. From an app development perspective, we know that successfully responding to the needs of mobile customers depends on rapid DevOps – failing fast, in short, until the right solution evolves in your customers' relationship to your business. Whether you’re decomposing an SOA monolith, or developing a new application cloud natively, it’s not a question of using microservices – not doing so will be a path to eventual b...