FTC Mandates GoDaddy Enhance Security Protocols

The Federal Trade Commission (FTC) has mandated that GoDaddy, a major web hosting company, enhance its security protocols to resolve allegations of inadequate data protection. This follows the FTC's findings that GoDaddy misled customers about the security of its services and failed to implement basic security measures like multi-factor authentication and proper network segmentation, leading to several breaches from 2019 to 2022. The settlement requires GoDaddy to establish a comprehensive information security program and undergo independent third-party assessments, though it involves no admission of fault or monetary penalties. GoDaddy, which hosts approximately 82 million domain names, claims to have already implemented several required measures and is committed to ongoing security improvements. The FTC's action highlights the importance of robust security practices for companies that provide critical infrastructure to small businesses globally. The measures are part of a broader FTC effort to ensure companies accurately represent their security capabilities and protect consumer data effectively.