My company, call it CompanyA, is using an internal active directory namespace (and DNS) of CompanyA.net. This domain is used to access internal resources for a subset of the user population.
However, CompanyA does not own the public domain CompanyA.net. It is owned and registered by a third party who controls the DNS server. CompanyA's desktop and laptop machines are configured with a dns suffix search order which includes CompanyA.net. So, considering that laptops walk out of the building and connect externally, it strikes me as a ... questionable practice.
I am suggesting that CompanyA should purchase CompanyA.net from the owner of that domain in order to prevent DNS hijacking, connectivity issues, and the sort, but I am having trouble articulating why this is a good idea.
Could anyone please help me out with reasons or language or maybe some blogs or references which would explain why it is a good idea to own the public DNS name spaces which are used internally?