Welcome!

News Feed Item

NCC Group Brings .trust to the Internet

NCC Group, the global information assurance specialist, has today announced its plans for .trust, a unique generic top-level domain (gTLD) that aims to provide a safer and more trustworthy Internet for both businesses and consumers.

A .trust domain will help protect an organization’s brand, reputation and sensitive customer information by enforcing the highest level of security and reliability. For consumers, it will provide a clear signal that a site is what it claims to be and is a safe place to do business, interact and share information.

Responding to the demands of the world’s online community, ICANN is currently operating a program to add thousands more gTLDs over the next few years. The majority of these new domains will be used to categorize companies and individuals into physical locations, industry segments or brands. In contrast, .trust has been created as a gated community to make the Internet more secure.

Rob Cotton, CEO at NCC Group said: “The Internet is a lawless world – ungovernable, unmanageable and insecure. Consumer confidence has gone, and businesses are at a loss at how to combat the risks.

“The new rollout of gTLDs is further changing the shape of the Internet. Cybersquatting and phishing were big issues with just 22 gTLDs, but with over 1,400 set to be introduced, these problems are set to get exponentially worse. The cost for a business to protect its online presence and purchase all possible domain combinations will also be extortionate.

“The benefits to businesses of having a .trust gTLD are immediately obvious. It will act as a key differentiator, bringing back consumer confidence by protecting customers as they transact and interact online.

“The Internet is set to change forever, and at NCC Group we are committed to changing it for the good, making it a safer place and introducing trust.”

Applicants for a .trust domain will have to verify their identify, ensure their organization is secure by complying to a strict and specific code of security policies and assure their infrastructure remains safe by undergoing regular compliance scanning.

The policies have been developed by a coalition of industry and NCC Group experts, and adhering to them will help provide comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy.

Cotton continued: “End users will come to recognize .trust as an island of trusted brands in a new confusing namespace.”

Pioneer businesses in San Francisco have been involved in the process of developing the security protocols for .trust for several months, and some of these will be among the first to take up the .trust domain when it is available for registration towards the end of Q3. Ultimately, brands with high customer data security needs—including banks and retailers—are expected to find .trust most appealing.

Notes to Editors – Further Details About .trust

NCC Group acquired from Deutsche Post the rights to the .trust gTLD application, for an undisclosed fee in February 2014.

What is .trust? .trust is a unique gTLD that will provide a safer and more trustworthy Internet. The .trust gTLD signals that a site is a safe website to interact and do business with. Organizations using .trust domains will be required to comply with rigorous security policies in order to prevent the use of .trust domains for malicious activity. A continual process of security review and improvement will help ensure those sites stay in compliance with .trust requirements.

Why use .trust? Under the .trust domain, organizations will be able to protect their brand, reputation and sensitive customer information with the highest level of security and reliability. Those who wish to join this online gated community will commit to rigorous security policies and procedures, and NCC Group will work with applicants to help them achieve these policies. These policies have been developed by a coalition of industry and NCC Group experts, and adhering to them provides comprehensive protection from vulnerabilities that threaten to compromise integrity, availability and privacy. The technical policies that shape .trust will ensure that members of the .trust community will be recognized as leaders in secure, trustworthy online transactions.

How does .trust work? The .trust gTLD creates a more trustworthy Internet through the application of three core principles by which we require applicants to abide:

  1. Verify: All applicants must submit identity documentation and proof of intellectual property and naming rights to help prevent misleading, abusive and malicious registrations. Organizations are verified so consumers know that .trust domains are representative of the brand they know and trust.
  2. Secure: All registrants must abide by the security control policies and procedures, giving consumers confidence that their online transactions conducted via .trust domains will be secure and trustworthy.
  3. Assure: Organizations within the .trust domain will be continually monitored for compliance with the .trust technical policies and will actively work with NCC Group experts to remediate identified issues.

How is .trust different from other TLDs? .trust websites will be differentiated by a high level of security and reliability, unprecedented on the Internet. Consumers will come to recognize .trust as an island of trusted brands inside a new, confusing namespace.

How is .trust more secure than other TLDs? Registrants of .trust domains will be required to adopt rigorous security policies that strictly prohibit malicious activity or the creation of vulnerabilities. The .trust service uses a unique, technology-driven process to automatically monitor domain owners for compliance with NCC Group’s best-in-class security policies. This process incentivizes and helps domain owners to quickly restore security when their sites exhibit web application flaws, network misconfigurations and other security violations.

To improve the end-to-end security experience for users of .trust and other domains, NCC Group is working with major Internet companies to implement new technologies into web browsers, email servers and operating systems. The end goal of the security policies is to create a seamless and safe experience whenever a user browses a website or emails someone on a .trust domain.

How are these rules enforced? Registrants in the .trust space agree to follow the security policies that NCC Group strictly enforces via monitoring .trust domains for network, web application, email and malware threats.

About NCC Group

NCC Group is a global information assurance firm, passionate about making the internet a safer place and revolutionising the way in which organisations think about cyber security.

Through an unrivalled and unique range of services, the company provides organisations across the world with freedom from doubt that their most important assets are protected and operational at all times.

Listed on the London Stock Exchange, NCC Group is a trusted advisor to more than 15,000 clients worldwide.

Headquartered in Manchester, UK, NCC Group has 20 offices across the world and employs over 1,000 of the brightest minds in information security, assurance and technology.

NCC Group delivers security testing, software escrow and verification, website performance, software testing and domain services.

http://www.nccgroup.com

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
With more than 30 Kubernetes solutions in the marketplace, it's tempting to think Kubernetes and the vendor ecosystem has solved the problem of operationalizing containers at scale or of automatically managing the elasticity of the underlying infrastructure that these solutions need to be truly scalable. Far from it. There are at least six major pain points that companies experience when they try to deploy and run Kubernetes in their complex environments. In this presentation, the speaker will d...
While DevOps most critically and famously fosters collaboration, communication, and integration through cultural change, culture is more of an output than an input. In order to actively drive cultural evolution, organizations must make substantial organizational and process changes, and adopt new technologies, to encourage a DevOps culture. Moderated by Andi Mann, panelists discussed how to balance these three pillars of DevOps, where to focus attention (and resources), where organizations might...
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
When building large, cloud-based applications that operate at a high scale, it's important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. "Fly two mistakes high" is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Le...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
As Cybric's Chief Technology Officer, Mike D. Kail is responsible for the strategic vision and technical direction of the platform. Prior to founding Cybric, Mike was Yahoo's CIO and SVP of Infrastructure, where he led the IT and Data Center functions for the company. He has more than 24 years of IT Operations experience with a focus on highly-scalable architectures.
CI/CD is conceptually straightforward, yet often technically intricate to implement since it requires time and opportunities to develop intimate understanding on not only DevOps processes and operations, but likely product integrations with multiple platforms. This session intends to bridge the gap by offering an intense learning experience while witnessing the processes and operations to build from zero to a simple, yet functional CI/CD pipeline integrated with Jenkins, Github, Docker and Azure...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Dhiraj Sehgal works in Delphix's product and solution organization. His focus has been DevOps, DataOps, private cloud and datacenters customers, technologies and products. He has wealth of experience in cloud focused and virtualized technologies ranging from compute, networking to storage. He has spoken at Cloud Expo for last 3 years now in New York and Santa Clara.
Enterprises are striving to become digital businesses for differentiated innovation and customer-centricity. Traditionally, they focused on digitizing processes and paper workflow. To be a disruptor and compete against new players, they need to gain insight into business data and innovate at scale. Cloud and cognitive technologies can help them leverage hidden data in SAP/ERP systems to fuel their businesses to accelerate digital transformation success.
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.