This article originally appeared on the Prime Design Solutions website.

Table of contents
Related articles
Have a question? Reach out!
Or, give us a call.

Your company has an established online presence, from your website to your email campaigns to social networking sites. But who controls these accounts? Who might have control of them in the future? If you’re not careful with your online accounts, it may not be you.

Domain Names

Your domain name (your “www” address) is a property that is typically renewed every year with a registration company like GoDaddy, with the domain Registrant listed as the owner of the domain. The domain Registrant should be someone who is permanently associated with your company. If your design firm is taking care of the registration themselves, be sure to specify to them who should be named as Registrant, and what contact information should be associated with the domain. This should be the name of an individual within your organization and long-term contact information for your company.

You should also put in place a succession plan in case the individual listed as Registrant leaves your company. Your domain registration should always remain within the hands of your organization.

Another thing to guard against – domain name scams that aim to get you to change your domain registration company. Be sure to keep track of the name of the company your domain is registered with, as well as login information, and ignore all domain-related solicitations from anyone but that company.


Do you know who has access to your website to make updates? WordPress allows your site administrator to add users to the site, each with a unique login and password. When people leave your company, your site administrator should remove them as site users, so that your website remains secure.


Your company has a business Google profile, whether or not you’ve “claimed” it. (Don’t believe us? Type in your company name into the Google search bar. The large, ad-like listing to the right is your Google profile.) The profile typically includes critical information such as your location, opening hours, phone number and more. If your website is correct but customers are seeing incorrect online information about something like your business hours, your Google profile is almost certainly where the inaccuracy lies! It is critical to have control over this profile, especially if your hours change seasonally. As a bonus, it’s even possible to add a “post” to your profile, which is like a Facebook update and can be used to tout your latest product, service, or whatever you’d like.

If your business Google profile is unclaimed, you can verify it by asking Google for a code via an automated phone call (it must be to the phone number in the profile) or a postcard (which must be sent to the address in the profile). Phone calls are easiest, but will not work if your business uses an automated phone answering system that requires the caller to enter an extension to reach a person. On the other hand, postcards can be difficult if you’ve changed locations, or don’t receive mail at the site’s address.

But what if someone has verified your Google profile and you don’t have control over it? You can email that person and ask them to add you to it, if you know who they are. If you don’t, you can request ownership of a business profile, but what will happen is that the current profile owner will get an email from Google asking them to contact you. If that person doesn’t check that email address anymore (or worse, has hostile feelings toward your company) and doesn’t follow through, Google may or may not grant you the option to “claim” or “verify” the profile. If it doesn’t, you can attempt to contact technical support.

The bottom line is that it’s important to maintain centralized control over this critical business resource by setting it up with the business owner’s email address, or with an email address that isn’t associated with a specific individual (such as an info@ address).

Facebook Pages and Instagram feeds

Facebook Pages are run by “admins,” and your business Instagram account can be linked to your Facebook. The initial creator of the Page is automatically made an admin, who can then designate other administrators. Facebook has created a tiered administration system so that other Facebook users can be added as an “editor,” which can do everything an admin can except delete the page; “moderator,” and so on. Assign administrative roles wisely!

Because of the nature of these pages, it is important to always have multiple individuals listed as admins. If an admin leaves your company, you should be sure to remove their admin status from the page. Likewise, if you have a third party taking part in running your Facebook Page, you should never have them as the sole administrator and should remove their capabilities from the page if you part ways.

Do not count on Facebook technical support being able to help you in such a situation – it is much better to avoid a situation in which you are not in control of your Page.

Twitter and YouTube

Twitter is run from a single username and password. YouTube is accessed from a single Google account/Gmail and password. If you have multiple people updating your company’s profiles on these sites, they will share the same login information. However, even if you only have a single person updating your profiles, multiple people within your business should know the login information. If people who know the login information leave, you should be sure to change the password and inform those who are still with your company.

If a password is lost, forgotten or changed without your knowledge, it is possible to reset the password using the email address that is used when registering for the websites. To ensure you will be able to reset the password if needed, you should use a generic company email address (for example, an “info@” email address) that is not specific to an individual.


It’s critical to maintain ownership of and access to everything your company puts online. Using a password management system is highly recommended to store all the passwords to your online presence.

If all of your online accounts are in the hands of a single employee or a third party company, there is an ongoing risk that when that employee leaves, or when you disassociate with the third party, that you will lose access to your accounts. Or even worse – an unhappy former employee could use their ownership of your online accounts against you.

A version of this article first appeared in 2011, and was updated in April 2022.