Yatra.com down for 2 days due to delay in domain renewal


Newspapers reported that the travel web site Yatra.com was unavailable over the weekend from August 9th and came back on August 11th ( “Yatra.com’s inactive site impacts sales” The Hindu August 12, 2013). During this period users could not access yatra.com and instead were redirected to a generic domain registrar’s page with the message “domain has expired”. It is understood that the outage was due to its domain name expiring on 9th August 2013.

The website was unavailable for business and losses of around Rs. 20 – 30 crore in sales have been estimated by the media; after all it is one of the most widely used travel booking website in the country. In addition to the direct losses, there could also be reputation issues.

The domain name was renewed after 2 days on 11th August 2013 and web site came back online. The learning from this incident is that this is a key risk that often gets ignored. The consequences could be serious ranging from lost business to someone else appropriating the expired domain name. We suggest that risk managers consider website risks as one of the strategic risks and not just an IT risk.

Here are few takeaways to manage this very important risk.

• The domain name registrars require at least two contact names & their contact details (administrative & technical) so that renewal or other emails can be sent. These should be current at all times otherwise renewal mails may go to the wrong email addresses or to people who have left the company. Most companies (ex Yatra) have kept one name from IT for both administrative & technical contact. It is suggested that two separate individuals be mentioned, one of which could be one of the key executives such as CIO, CTO, COO or even the CEO so that registrar’s mails will get the right seriousness.

• The IT department should keep a list of all its domains and their renewal details. Domain names are assets and should be protect like other assets in the company. Expiries should be tracked along with other services, software, contracts renewals.

• All other risks connected with domain name & website should be included in the risk assessment and controls evaluated. Audit and other internal controls functions should get involved in auditing the controls.

Other Services of Interest

  • GDPR Countdown

    Riskpro is working hard so that clients can GDPR deadline as the clock ticks away.
  • EU-US Privacy Shield for Data Transfers

    Come GDPR (General Data Protection Act) and EU-US PRivacy shield will assume more importance. Privacy Shield Overview The Privacy Shield program, which is administered by the International Trade...
  • Reduce your GDPR implementation Costs - Hire GDPR Experts in India

    Reduce cost for GDPR Compliance - Remote Consulting from India GDPR readiness assessment and implementation can be costly. And time is short. Instead of paying premium fees to local GDPR consultants...
  • Riskpro India on top of Emerging Risks that bother you

    Riskpro India is well positioned to offer advisory services for emerging risks such as Data Protection (GDPR), information security, assurance services such as Third party risk management, internal...
  • Risk Appetite and Risk Strategy

    COSO Enterprise Risk Management 2017 is here. And one of the most important changes in ERM is that ERM ties back to strategy and business objectives. ERM is no more an isolated practice followed...
  • Introduction to GDPR - Data Protection Training Mumbai

    You are invited to an enriching introduction to the most important regulation in data privacy – The EU General Data Protection Regulation (GDPR). The regulation is creating ripples across the Indian...
  • Digital Forensic Services

    Riskpro has partnered with a specialist Digital Forensics Services firm to offer digital forensic services. This involves analysis of digital assets for specified objectives. Whether it is a...
  • COSO ERM 2017 - Know the risks that matter

    In risk management, the end goal is to manage the risks that matter, and not to manage all the risks that can exist. For this, a welcome update to COSO ERM 2017 is the shift from process based risk...
  • Risk Management Score - Benchmarking Risk Management effectiveness

    Risk Mitigation results are often not apparent. This makes it more difficult to justify whether a company is doing it right. To overcome this issue, Riskpro has introduced a proprietary Risk...
  • Go to top