Domain Management team
The Domain Management team helps to protect critical government services that depend on the security of the .gov.uk domain.
Who we are
The Domain Management team sits in the Central Digital and Data Office (CDDO), which is part of the Cabinet Office.
We monitor public sector domains to keep them secure.
Our priorities
Our priorities are to:
- verify applications for .gov.uk domain names
- keep track of all of the .gov.uk domain names
- scan and monitor the .gov.uk domain name space to identify issues and help organisations fix them
- work with organisations to make sure .gov.uk domain names are renewed
- help organisations with .gov.uk domains sign up to the Registry Lock service
- make sure that .gov.uk domain names are registered with role-based government accounts
- provide organisations with support to solve any other DNS related administration or technical issues
Monitoring activity
We monitor the following public sector domains for vulnerabilities:
- gov.uk
- gov.wales
- llyw.cymru
- police.uk
- nhs.uk
- nhs.net
- nhs.wales
- nhs.scot
- mod.uk
We also monitor domains in other namespaces registered by public sector organisations where they have been shared with us.
We operate a number of services to monitor public sector domains. You can find more information about the monitoring tools we use.
We are committed to monitoring in a safe and responsible manner. We limit our monitoring to make sure we do not risk disrupting the normal operation of systems.
We design our monitoring to collect the smallest amount of technical information required to validate the presence of a domain or service related vulnerability or misconfiguration.
We limit the amount of personal data we collect. In the unlikely event that we do discover information that is personal or otherwise sensitive, we take steps to remove the data and prevent it from being captured again in the future.
If you are a public sector domain holder and would like us to stop monitoring your domain, please email support@domains.gov.uk.
Current outreach activities
The Domain Management team is seeking to improve how we support public sector organisations with their .gov.uk domains.
We are asking organisations to approve additional monitoring on their .gov.uk domains.
If you have received an email about this approval request, it is genuine and the domain holder or security lead should complete it.
We are inviting organisations to join our Domain Data Sharing program. By joining, you can receive vulnerability data directly into SIEM/ ITSM tools and get analysis for effective domain-related vulnerability management.
Register your interest in the Domain Data Sharing program by completing a quick survey or emailing the team directly at support@domains.gov.uk.
Contact us
Email support@domains.gov.uk for any questions about domains monitoring and vulnerabilities. Continue to contact domainmanagement@digital.cabinet-office.gov.uk for questions about registering a .gov.uk domain.
Working for us
Any job vacancies are advertised on Civil Service Job Search.