Cyber Monday: How Secure Companies Are Keeping Their Websites Safe

Use Separate Test Signing And Release Signing Infrastructures

According to Symantec, it is advisable to set up a parallel code-signing infrastructure using test certificates generated by an internal test root certificate authority. The objective is to ensure that business-critical private certificates, which are used to sign officially released software, are not stored on insecure systems used for routine software development tasks. Taking this extra step reduces the likelihood that the business-critical certificates will be compromised.
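The test side of that split can be built with OpenSSL. The script below is an added example, not code from Symantec or CRN: it creates an internal test root CA and a short-lived test code-signing certificate, then accepts an artifact only if its signer chains to that test root. File names, subject names and lifetimes are assumptions, and the release signing key is never touched.

```shell
#!/bin/sh
# Added example: throwaway TEST signing hierarchy. All names are constructed.
set -eu

make_test_pki() {   # $1 = output directory for the test hierarchy
    d=$1; mkdir -p "$d"
    cat > "$d/root.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
x509_extensions = v3_ca
[dn]
CN = Constructed Internal TEST Root CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
    printf '%s\n' 'basicConstraints = critical,CA:FALSE' \
        'keyUsage = critical,digitalSignature' \
        'extendedKeyUsage = codeSigning' > "$d/leaf.ext"
    # Self-signed test root: meant to be trusted by dev/test machines only.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
        -config "$d/root.cnf" -keyout "$d/test-root.key" \
        -out "$d/test-root.crt" 2>/dev/null
    # Short-lived test signing certificate issued by the test root.
    openssl req -new -newkey rsa:2048 -nodes -config "$d/root.cnf" \
        -subj "/CN=TEST build signer" -keyout "$d/test-signer.key" \
        -out "$d/test-signer.csr" 2>/dev/null
    openssl x509 -req -in "$d/test-signer.csr" -CA "$d/test-root.crt" \
        -CAkey "$d/test-root.key" -CAcreateserial -sha256 -days 30 \
        -extfile "$d/leaf.ext" -out "$d/test-signer.crt" 2>/dev/null
}

sign_artifact() {   # $1 = pki dir, $2 = file; writes detached signature $2.sig
    openssl dgst -sha256 -sign "$1/test-signer.key" -out "$2.sig" "$2"
}

# Succeeds only if the signer cert chains to the TEST root in $1, carries the
# codeSigning EKU, and its public key verifies the artifact's signature.
verify_test_signed() {   # $1 = pki dir, $2 = signer cert, $3 = file
    openssl verify -CAfile "$1/test-root.crt" "$2" >/dev/null 2>&1 || return 1
    openssl x509 -in "$2" -noout -text | grep -q 'Code Signing' || return 1
    openssl x509 -in "$2" -noout -pubkey > "$1/signer.pub"
    openssl dgst -sha256 -verify "$1/signer.pub" -signature "$3.sig" "$3" \
        >/dev/null 2>&1
}
```

Because the test root is distributed only to development and test machines, binaries signed this way are not trusted anywhere else, and losing a developer workstation exposes only test keys.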
