Protection and Security for Your Domains
Update 06-26-2023: This post was revised to include new security features
When it comes to DNS and Domain Management, security is one of DNSimple's top priorities. We offer multiple ways to secure your accounts and protect your most important digital assets. Our strong security policies and protocols, along with tools like DNSSEC, DDoS defense, and account access controls available on every plan, mean you know your domains are safe with us.
Let's talk more about these tools and how to ensure your domains are as secure as possible.
Do you have DNSSEC & DDoS Defense?
Every DNSimple account comes with the ability to enable DNSSEC (Domain Name System Security Extensions) on your domains. DNSSEC provides a cryptographic chain of trust for your zones that authenticating resolvers use to ensure DNS results weren't tampered with while in transit. If you're curious how DNSSEC works, we've got a comic detailing the whole process.
For some TLDs (Top Level Domains), users are required to manually sign their zones, which requires highly technical skills. And key rotation can be complicated. We provide expert-level DNSSEC service, so you know these operations are done correctly and your domains are as secure as possible. Most domains registered with DNSimple also include support for automatic DNSSEC key rotation.
We also provide defense against DDoS (distributed denial-of-service) attacks at the DNS level. This protection is available to all customers at no additional cost, without any special configuration. If you want to dive a little deeper into DDoS, we go into more detail in our uptime post and support documentation.
Does your provider offer multiple account security tools?
Domain access control is available on the Professional plan and higher. It lets you specify different roles for your team members on a per-domain basis, so you can ensure team members only have access to the domains they need to manage. Individual logins allow multiple users to access a DNSimple account using their own credentials. That means no more worrying about losing control of your domains if someone leaves the team. And if you use Google Workspaces, you can easily provision team member accounts in DNSimple using your Google Workspace as your Identity Provider. We'll automatically disable their access if they're removed from your Google Workspace at a later date.
All accounts allow you to enable multi-factor authentication (MFA) to provide an extra level of security against unauthorized access. When you have multiple users managing an account, this step is vital to your domain security. Use time-based, one-time passwords or hardware keys as your second factor of authentication. You can even enforce the use of MFA for your team members on Professional and higher plans.
We've also added support for 3D secure payments, so if your country requires 3D Secure, you'll be able to continue your subscription or start a new one. You can also opt in to this extra layer of protection if your card supports 3D Secure and you want the additional level of security for your payments. Just follow the instructions in our support doc to change your payment method.
What's your provider's public security policy?
DNSimple provides a clear, strong public security policy that makes it easy to report security issues. We offer a dedicated email for security researchers to provide reports and ensure a quick turnaround time when responding. We also maintain a test environment for security testing that matches the functionality of our production systems. This makes it easy for researchers to contribute proof-of-concepts, and we credit researchers who have reported valid security issues.
We have strong internal policies as well. All DNSimple team members are equipped with security training when they join, along with yearly security refreshers. We limit access to systems, encrypt sensitive information, and have regular off-site backups.
Secure your domains with DNSimple
We offer strong security features on every single plan, so whether you're managing one domain or thousands, your digital assets are safe with us. You can read more about our security features on our Domain Security page, or take a look at our support documentation for some simple measures you can take to ensure your account security.
Want even more reasons to join DNSimple? Check out our latest posts on speed and uptime. If you're ready for best-in-class security, reliable response times, and domains that stay up and running, try DNSimple free for 30 days. Have more questions? Send us a message — we'd love to chat.
I break things so Simone continues to have plenty to do. I occasionally have useful ideas, like building a domain and DNS provider that doesn't suck.
We think domain management should be easy.
That's why we continue building DNSimple.
Using time tracking to improve your remote working habits
What we learned, individually, from our collective time tracking experiment.
The Villains of Remote Work
Remote work and small teams come with their own challenges, these are some of mine.