Jump to content

NCC Group: Difference between revisions

From ICANNWiki
No edit summary
NCCGroup (talk | contribs)
mNo edit summary
 
(39 intermediate revisions by 9 users not shown)
Line 1: Line 1:
{{CompanyInfo|
{{CompanyInfo|
| logo            =  
| logo            = Nccgroup_250px.png
| type            =  
| type            = Publicly Traded
| industry        =  
| industry        = Registry & Registrar Data Escrow, Domain Security Services,<br>Software Escrow, Security Consulting, Website Performance
| founded        =  
| founded        = 1999
| founders        =  
| founders        =  
| ownership      =  
| ownership      =  
| headquarters    =  
| headquarters    = Manchester Technology Centre,<br>Oxford Road, Manchester, M1 7EF
| country        =  
| country        = UK
| businesses      =  
| businesses      =  
| products        =
| products        =
| employees      =  
| employees      = 501 - 1,000
| revenue        =  
| revenue        =  
| email          =  
| email          =  
| website        =  
| website        = [https://www.nccgroup.trust/uk/ www.nccgroup.trust/uk/]
| blog            =  
| blog            =  
| facebook        =  
| facebook        =  
| linkedin        =  
| linkedin        = [https://www.linkedin.com/company/ncc-group NCC Group]
| twitter        =  
| twitter        = NCCGroupplc
| keypeople      =  
| keypeople      = Rob Cotton, CEO<br>[[Pete Stock]], Managing Director, Domain Services<br> Daniel Liptrott, Managing Director, Escrow<br>[[Hans Seeuws]], Managing Director, OpenRegistry<br>[[Andy Ramsbottom]], Account Director
}}
}}
As a global leader in penetration testing and network security, NCC Group is uniquely positioned to not only escrow registry data per ICANN’s requirements for new TLD applicants, but to provide a comprehensive risk management solution for all registry operators.
'''NCC Group''' is one of the world’s largest escrow providers and has one of the largest security assurance teams in the world. Originally well known in the [[ICANN]] community as a leading [[Registry]] & [[Registrar]] [[Data Escrow]] provider, it has expanded its footprint and now as well as escrow, it has become more and more involved in the Registry and Registrar business, both as the operator of the [[.trust]] domain and as the new owner of the Registry Service Provider, OpenRegistry.


==History==
NCC Group is uniquely positioned to provide registry & registrar data escrow services and a variety of domain security solutions to all registry operators, and new gTLD applicants.  
Since 1998, The Internet Corporation for Assigned Names and Numbers (ICANN) has served to help control and manage the Internet’s naming system. Recently, however, ICANN has been thrust into the public spotlight with its work concerning the introduction of new generic top-level domains (TLDs). As part of the TLD application process, applicants must meet many different criteria, one of which is a requirement to establish daily transfers of WHOIS data to a reputable escrow agent.


NCC Group has been active in the domain name community since 2008 when it assisted ICANN with the development of the gTLD Registry Failover Plan. Since then, NCC Group has been the preferred escrow provider for a number of registries and registrars worldwide, and is proud to be the only escrow provider with major operations in both Europe and North America. NCC Group’s offering is compliant with both US and EU law, and is designed to meet the needs of all registry operators worldwide.
Other ICANN related solutions from NCC Group include Domain Assured. Domain Assured is a domain abuse monitoring product that uses threat intelligence capabilities to deliver a complete picture of a domain’s threat landscape with continual monitoring of the major domain abuse types to provide rapid notifications of any attacks. It monitors a domain’s health and reputation and supports ICANN requirements by enabling registrars and registries to take a proactive approach to seeking out abuse.
 
==.trust Registry==
.trust is a gTLD that aims to provide a safer and more secure Internet for both businesses and consumers.
 
All applicants for a .trust will have to verify their identity and ownership of the trademark or brand used for the domain name. They will also have to ensure their organisation is secure by complying with .trust’s strict and specific code of security policies and undergo regular security monitoring to assure their infrastructure remains safe. This monitoring is performed by NCC Group's Continual Monitoring Service that was specifically developed by NCC Group and is managed by a dedicated Security Operation Centre.
 
.trust went live on March 9 2015 and NCC Group has moved its corporate website and emails to nccgroup.trust.
 
==Escrow Provider==
One of the requirements built into ICANN's new gTLD program is the daily transfer of [[WHOIS]] data to an ICANN approved escrow agent. This has to be performed by a third-party provider in a transparent manner to protect against registry failure and other contingency situations.<ref>[http://www.gtldstrategy.com/tag/ncc-group/ NCC Group, gTLDStrategy.com]</ref> NCC Group is not new to the ICANN community, and has been working in the domain name industry since 2008, when it assisted ICANN with the development of the gTLD Registry Failover Plan. It has since become a registry escrow provider for a number of registries and registrars. It is the only escrow provider with major operations in Europe and North America, and is compliant with US and EU law.<ref>[https://www.nccgroup.com/en/our-services/software-escrow-and-verification/registry-data-escrow/ Registry Data Escrow, www.nccgroup.com]</ref>
 
In 2008, NCC Group announced that it had been chosen by [[RegistryPro]] to act as its daily data escrow provider. The agreement was finalized in January 2008, and NCC Group provides all necessary data safety and security services mandated by ICANN's data escrow requirements for registry operators.
 
[[Minds + Machines]] has teamed up to work with NCC Group with all new gTLD applicants selecting their registry and consultancy services. Minds + Machines promises to act as intercessor between their clients and NCC Group.
 
[[Key-Systems]] has selected NCC Group as one of the preferred partners for registry data escrow services for applicants that have selected [[KSregistry]] as their new gTLD operating platform.
 
In 2013, NCC Group was approved by [[ICANN]] to provide data escrow services to new gTLD clients.<ref>[http://newgtlds.icann.org/en/announcements-and-media/announcement-31may13-en Announcement 31 May 13, ICANN.org]</ref>
 
In 2014, NCC Group became a Third Party Provider of Data Escrow services for Registrars.
 
==Monitoring==
 
In 2014, NCC Group launched its new Domain Abuse Monitoring Service, which monitors and reports on the overall health of domain portfolios. [[.wien]] became on the of the first new gTLD applicants to adopt the service.
 
During the ICANN52 meeting in Singapore, NCC Group presented a standalone version of the CMS product originally developed for .trust which could now be used by other gTLDs or by specific websites willing to improve their security posture and have a comprehensive view of their Internet assets.
 
==Registry Service Provider - ICANN accredited Registrar==
 
On January 20 2015, NCC Group acquired the [[OpenRegistry]] group of Companies. OpenRegistry is a Registry Service Provider that provides backend services to 23 Top Level Domains. OpenRegistry oversaw the ICANN gTLD application process for several major brands and cities and is one of the few providers to offer a fully licensed solution where the TLD can be run on the Registry Operator’s own infrastructure.
 
The OpenRegistry team also managed a registrar whose technical expertise reinforces NCC Group Secure Registrar, the company’s separate ICANN accredited Registrar formed in 2014. Originally created to provide an end-to-end solution to .trust customers, the Registrar takes advantage of the Group’s years of experience in security threat management to offer counsel and consolidation opportunities to major brands wanting to rationalise their domain names portfolio.  


==Technical Capabilities==
==Technical Capabilities==
* NCC Group's [[Registry]] [[Data Escrow]] program is based on our Escrow Live service.
* NCC Group's [[Registry]] [[Data Escrow]] program is based on our Escrow Live service.
* NCC Group utilizes a fully redundant infrastructure with four globally dispersed Tier III+ data centers, ensuring business continuity and no single point of failure.
* NCC Group utilizes a fully redundant infrastructure with four globally dispersed Tier III+ data centers, ensuring business continuity and no single point of failure.
* [[Whois]] data is deposited daily via an encrypted, secure [[FTP]] transmission. The file transfer process automatically triggers data decompression and decryption, and then generates an automated email confirming the receipt of the deposit.
* [[WHOIS]] data is deposited daily via an encrypted, secure [[FTP]] transmission. The file transfer process automatically triggers data decompression and decryption, and then generates an automated email confirming the receipt of the deposit.
* All transactions are logged in a secure database for auditing purposes to support [[ICANN]]'s compliance requirements.
* All transactions are logged in a secure database for auditing purposes to support [[ICANN]]'s compliance requirements.
* Domain Abuse Monitoring service, is built on NCC Group’s expertise in global information assurance, our proprietary algorithms identify common threat indicators to identify abusive domains before they become widely reported.
* A configurable abuse threshold allows clients to filter out potential false positives and concentrate their abuse teams on the highest scoring risk offenders
* The easy to use web portal can be accessed at any time, providing the ability to conveniently view the current status of the Domain Assured process and authorise any legal actions undertaken by NCC Group.
* Domain Assured maintains historic records for [[DNS]], IP and [[WHOIS]] data to support investigators in determining if a domain has been hijacked or intentionally created with abuse in mind.


===Independent IT Security Advisor===
===Independent IT Security Advisor===
NCC Group is also a leading full-service application, infrastructure, and mobile security consulting company. Since 1997, it has been chosen as a c consultant for federal governments and Fortune 50 clientele when it comes to all forms of penetration testing and vulnerability assessments. NCC Group is the only data escrow provider able to draw on this market-leading technical expertise and ensure that your Registry Data Escrow is stored under the highest levels of security at all times.<ref>User Submitted</ref>
 
Through expert security consulting, penetration testing, vulnerability research, incident response, risk management and governance advice NCC Group helps organisations to identify risk and formulate a robust security strategy.


==References==
==References==

Latest revision as of 10:14, 8 July 2015

Type: Publicly Traded
Industry: Registry & Registrar Data Escrow, Domain Security Services,
Software Escrow, Security Consulting, Website Performance
Founded: 1999
Headquarters: Manchester Technology Centre,
Oxford Road, Manchester, M1 7EF
Country: UK
Employees: 501 - 1,000
Website: www.nccgroup.trust/uk/
LinkedIn: NCC Group
Twitter: @NCCGroupplc
Key People
Rob Cotton, CEO
Pete Stock, Managing Director, Domain Services
Daniel Liptrott, Managing Director, Escrow
Hans Seeuws, Managing Director, OpenRegistry
Andy Ramsbottom, Account Director

NCC Group is one of the world’s largest escrow providers and has one of the largest security assurance teams in the world. Originally well known in the ICANN community as a leading Registry & Registrar Data Escrow provider, it has expanded its footprint and now as well as escrow, it has become more and more involved in the Registry and Registrar business, both as the operator of the .trust domain and as the new owner of the Registry Service Provider, OpenRegistry.

NCC Group is uniquely positioned to provide registry & registrar data escrow services and a variety of domain security solutions to all registry operators, and new gTLD applicants.

Other ICANN related solutions from NCC Group include Domain Assured. Domain Assured is a domain abuse monitoring product that uses threat intelligence capabilities to deliver a complete picture of a domain’s threat landscape with continual monitoring of the major domain abuse types to provide rapid notifications of any attacks. It monitors a domain’s health and reputation and supports ICANN requirements by enabling registrars and registries to take a proactive approach to seeking out abuse.

.trust Registry[edit | edit source]

.trust is a gTLD that aims to provide a safer and more secure Internet for both businesses and consumers.

All applicants for a .trust will have to verify their identity and ownership of the trademark or brand used for the domain name. They will also have to ensure their organisation is secure by complying with .trust’s strict and specific code of security policies and undergo regular security monitoring to assure their infrastructure remains safe. This monitoring is performed by NCC Group's Continual Monitoring Service that was specifically developed by NCC Group and is managed by a dedicated Security Operation Centre.

.trust went live on March 9 2015 and NCC Group has moved its corporate website and emails to nccgroup.trust.

Escrow Provider[edit | edit source]

One of the requirements built into ICANN's new gTLD program is the daily transfer of WHOIS data to an ICANN approved escrow agent. This has to be performed by a third-party provider in a transparent manner to protect against registry failure and other contingency situations.[1] NCC Group is not new to the ICANN community, and has been working in the domain name industry since 2008, when it assisted ICANN with the development of the gTLD Registry Failover Plan. It has since become a registry escrow provider for a number of registries and registrars. It is the only escrow provider with major operations in Europe and North America, and is compliant with US and EU law.[2]

In 2008, NCC Group announced that it had been chosen by RegistryPro to act as its daily data escrow provider. The agreement was finalized in January 2008, and NCC Group provides all necessary data safety and security services mandated by ICANN's data escrow requirements for registry operators.

Minds + Machines has teamed up to work with NCC Group with all new gTLD applicants selecting their registry and consultancy services. Minds + Machines promises to act as intercessor between their clients and NCC Group.

Key-Systems has selected NCC Group as one of the preferred partners for registry data escrow services for applicants that have selected KSregistry as their new gTLD operating platform.

In 2013, NCC Group was approved by ICANN to provide data escrow services to new gTLD clients.[3]

In 2014, NCC Group became a Third Party Provider of Data Escrow services for Registrars.

Monitoring[edit | edit source]

In 2014, NCC Group launched its new Domain Abuse Monitoring Service, which monitors and reports on the overall health of domain portfolios. .wien became on the of the first new gTLD applicants to adopt the service.

During the ICANN52 meeting in Singapore, NCC Group presented a standalone version of the CMS product originally developed for .trust which could now be used by other gTLDs or by specific websites willing to improve their security posture and have a comprehensive view of their Internet assets.

Registry Service Provider - ICANN accredited Registrar[edit | edit source]

On January 20 2015, NCC Group acquired the OpenRegistry group of Companies. OpenRegistry is a Registry Service Provider that provides backend services to 23 Top Level Domains. OpenRegistry oversaw the ICANN gTLD application process for several major brands and cities and is one of the few providers to offer a fully licensed solution where the TLD can be run on the Registry Operator’s own infrastructure.

The OpenRegistry team also managed a registrar whose technical expertise reinforces NCC Group Secure Registrar, the company’s separate ICANN accredited Registrar formed in 2014. Originally created to provide an end-to-end solution to .trust customers, the Registrar takes advantage of the Group’s years of experience in security threat management to offer counsel and consolidation opportunities to major brands wanting to rationalise their domain names portfolio.

Technical Capabilities[edit | edit source]

  • NCC Group's Registry Data Escrow program is based on our Escrow Live service.
  • NCC Group utilizes a fully redundant infrastructure with four globally dispersed Tier III+ data centers, ensuring business continuity and no single point of failure.
  • WHOIS data is deposited daily via an encrypted, secure FTP transmission. The file transfer process automatically triggers data decompression and decryption, and then generates an automated email confirming the receipt of the deposit.
  • All transactions are logged in a secure database for auditing purposes to support ICANN's compliance requirements.
  • Domain Abuse Monitoring service, is built on NCC Group’s expertise in global information assurance, our proprietary algorithms identify common threat indicators to identify abusive domains before they become widely reported.
  • A configurable abuse threshold allows clients to filter out potential false positives and concentrate their abuse teams on the highest scoring risk offenders
  • The easy to use web portal can be accessed at any time, providing the ability to conveniently view the current status of the Domain Assured process and authorise any legal actions undertaken by NCC Group.
  • Domain Assured maintains historic records for DNS, IP and WHOIS data to support investigators in determining if a domain has been hijacked or intentionally created with abuse in mind.


Independent IT Security Advisor[edit | edit source]

Through expert security consulting, penetration testing, vulnerability research, incident response, risk management and governance advice NCC Group helps organisations to identify risk and formulate a robust security strategy.

References[edit | edit source]