|
|
   
|
NEW
TECHNOLOGIES
• Attack
the hack Protect
your brand from tomfoolery A clever Netizen in Massachusetts cybersquats on
"vatican.org," and a sleazy businessman plans to sell ads on his
"vaticano.org." "Whitehouse.com" is, unlike "whitehouse.gov,"
a porn site. If the Vatican and our White House aren't sacred trademarks,
protecting your corporate identity is an even trickier business.
Protecting a company Web address is a complex
undertaking, especially in a large, diverse or multinational corporation. In
one large company I'm familiar with, stakeholders reside in the marketing, IT
and legal departments, with dozens of individual business units having
influence. Even with all that brainpower and a full-time person managing
Internet domain names, some hacker recently tried to take away ownership of the
company's main corporate-name domain. Hackers can interfere with the still-fragile
Internet technology to redirect your site's visitors somewhere else. They can
try to assume ownership over your registered domain name and hold it for ransom,
and they can create hostile shadow sites using variations on your site's
principal name. For example, "gwbush.com" is not owned and operated by
the presidential candidate's campaign, but Exxon took preemptive action by
registering "exxonsucks.com." Furthermore, when a computer user checks
out alternatives to a corporate domain name, and the alternative hasn't been
claimed, they're greeted with an offer to register it. Creating and promoting the right policies and
practices requires the combined efforts of dozens of people across the company.
It can't be done solely within IT, or the legal or marketing departments; it has
to involve all those resources. Depending on the company, the situation may be
exacerbated by geography: A company may need to have part-time helpers in each
country where it does business because registrations in most countries must be
submitted in the local language. Building and leading a virtual team to anticipate
threats and provide protection is vital. Getting all of these disparate
disciplines and part-time contributors to all speak in the same jargon is a
large part of the challenge. But even more problematic is the inadvertent
sabotage that comes from within your own corporation. For example, the wild
variety of ways that large corporations provide access to site visitors can be
confusing. Your company needs policies that will help avoid the problems created
when each individual business unit puts up its own site, each with its own look
and feel, and divergent ways of naming things. One company (let's call it MyCo) with three
principal brands might offer customers three different ways of getting
information and placing orders: BrandA.MyCo.com BrandB.com and MyCo.com/BrandC.
Then consider that, two years from now, the marketing manager who registered
"BrandB.com" has left the company, and the emails offering to renew
are being sent back. Worse, some clever hacker has filed a registration the day
"BrandB.com" expired and has hijacked the site. Your company needs a way to educate all employees
about whom to contact for registration matters. We recommend our clients choose
two fictitious names in which they make all registrations; for example,
"Mary Lee Schmeltzerhoffer" may be the "person" for all
legitimate registrations (such
as "MyCo.com" and "MyCo.co.uk"), and "Peter W.
Carltonsen" is the person for all those other sites using misspellings and
hostile name registrations. Set up e-mail addresses for both fictitious
people, and reroute the mail automatically to the employee currently assigned to
oversee those registrations. A further hint: Create a drop box at a remailing
service for "Mr. Carltonsen's" postal address in another city so
snoopers don't necessarily know those hostile names are registered to your
corporation. The corporate IT department often assumes the task
of protecting the domain names, but often, the technologists don't understand
the branding and identity aspects of the work. In other companies, the task
falls to the legal department, which knows a lot about existing legal
protections but perhaps little about the marketing strategy or adapting to a
changing technology world. And each individual business unit marketing manager
often just knows he needs to create his own online brand for his product without
knowing all the ins and outs of online protection. Then there's the question of
protecting your good name in other languages and other markets. Corporate marketing needs to take the lead. The
challenge is developing a set of policies that are current with today's market
and threat environment, and adaptable to the changing rules of the game. It's
putting technology and legal expertise to work in
support of marketing
goals. Computer hackers can smell blood, and more and more
often, their challenges are coming from residents of countries with little
relevant law. For example, my own Web site has been probed from Turkey and a
small town in Italy. The potential rewards for holding one of your brand names
hostage are high enough to attract lots of such inquiries. The rules about how domain name registration will be
handled in the next few years are changing. (For more information, search "ICANN"
for the Internet Corporation for Assigned Names and Numbers from your Web
browser.) The threats--especially new and unanticipated ones--will increase, and
the emergence of new top-level domains (expect to see ".com"
supplemented with ".store" and ".firm" and other codes in
the near future) means you need to get control now. ¾¾¾¾¾ Carol Anne Ogdin is founder of Deep Woods Technology Inc., a Placerville, Calif.-based
consultancy. ©
2000, American Marketing Association.. This article originally appeared in
the November 6, 2000 edition of Marketing News, a periodical of the
American Marketing Association. |
|
|
