Online risk mitigation specialists DNProtect released details of their market report that exposes a high number of security issues related to the domain names that Fortune 500 companies rely upon for business and consumer interaction. The report utilizes data obtained from DNP Score, the company's propriety algorithm, and serves as an early warning indicator of possible security threats and open windows for domain theft or service disruption. The market release follows a number of recent high profile cases involving GoDaddy, Network Solutions, and other registrars where critical domain names were stolen, resulting in disruptions that can easily impact millions of Internet users.

Internet domain names are a critical part of a company’s online presence and play important and critical roles, such as back-end communications with other companies, especially in e-commerce activities, says DNProtect. If a company's domain name was suddenly unreachable, there would be a lot of disruption, most likely causing decreased revenue, and maybe even an online reputation issue. 

Some of the highlights of the report include:

  • Only seven percent of Fortune 500 companies have their domain names setup properly.
  • Eleven of the Fortune 500 companies had scores of 400 or less, indicating sizable risk for theft, loss, or service reduction.
  • Notably Amazon was in the worst bottom ten companies at the Fortune 500 level for security issues and setup errors.
  • Companies such as Target, Travelers, Kellogg, Farmers, and Booze Allen Hamilton came out on top for security readiness.

Here are some other statistics about the Fortune 500:

  • 35 of the companies have a score of 700 (only 7 percent)
  • 74 of the companies have a score of 650 (15 percent)
  • 83 of the companies have a score of 600 (17 percent)
  • 175 of the companies have a score of 550 (35 percent)
  • 80 of the companies have a score of 500 (16 percent)
  • 37 of the companies have a score of 450 (7 percent)
  • 9 of the companies have a score of 400 (2 percent)
  • 2 of the companies have a score of 350 (less than 1 percent)
Only 7% of the Fortune 500 companies have their domain names set up properly. Many of these companies can increase their DNP Scores by registering their domain names for at least 5 years, or changing certain settings on the domain names such as enabling DNSSEC, DMARC, and DKIM on their domains, says DNProtect.
 
"When you check a domain name's DNP Score, a solution can help provide details about what you can do to improve the score. For example, if a domain name is going to expire soon, there is some risk involved, as the domain name could expire. Another issue could be that DMARC, SPF, and DKIM aren't set up on a domain name that's being used to send and receive email. DNP Score solutions can show you other risk factors that make up a domain name's DNP Score, such as DNSSEC not being enabled, and the whether or not there are issues with the domain name's reputation, such as being on an email blacklist," says Bill Hartzer, Chief Data Scientist at DNProtect.
 
The report charts out online threat assessments for all Fortune 500 companies, with featured elements highlighted and the best companies recognized. The risk measurement tool uses the score of 750 to reflect the highest possible preparation against future security threats. The DNP Score algorithm is based off weighted calculations of DKIM, DMARC, DNSSEC, Email Blacklists, Creation Dates, Expiry Dates, Trademark and UDRP Histories, Malware Associations, Domain Reputations, Registrant Histories, IP Address Logs, Name Server Status, and other proprietary factors to determine a final risk actor. 

For more information about DNP's calculations and reporting methodologies visit www.dnprotect.com/legal/about-dnp-score.