Website Security Solutions

Website Security Solutions allow companies and consumers to engage in communications and commerce online with trust and confidence. With more than one and a half million web servers using our SSL certificates, an infrastructure that processes more than four and a half billion certificate checks daily, and a trust mark that is seen more than half a billion times a day in 170 countries, the Norton Secured seal is the most recognized symbol of trust on the Internet.

Follow Us on Twitter
  • 0
    Created: AllenKelly 05 Oct 2012

    $1,000 #SpotTheCheck Twitter Contest

      To participate in the contest: Follow @NortonSecured on Twitter. Visit your favorite websites. Spot the Norton Secured Seal. Tweet the following: “I saw the @NortonSecured Seal at [website URL] #SpotTheCheck”                             That's it! Each week for the next 10 weeks, entrants will be entered into a random drawing for a chance to win a $100 Amazon gift card! Tweets must include @NortonSecured, the publicly-accessible website URL, and #SpotTheCheck....
  • 1
    Created: FranRosch 27 Sep 2012

    Protect Your Code Signing Keys for Secure Applications

    Recently, the industry has seen increased instances involving malware signed by legitimate code signing certificates owned by legitimate companies. In each of these incidences, the private key, associated with the code signing certificate, was either compromised or otherwise maliciously used.  Code signing private keys are owned and protected by the company or business, and not the Certificate Authority (CA). Symantec advises companies to apply rigorous protection and security policies to safeguard private keys for code signing. As it is our responsibility as a CA to thoroughly authenticate each organization that applies for a code signing certificate, it is also the responsibility of the certificate owners to protect their private keys from compromises. When malicious code makes its way into the wild, it hurts everyone whether it’s a business, organization or user. Symantec recommends the following best security practices and policies to protect code...
  • 0
    Created: FranRosch 25 Sep 2012

    Protecting the Internet Trust Model

    With National Cyber Security Month right around the corner, I  wanted to take this chance to discuss Symantec’s point of view about the current state of the Certificate Authority (CA) industry. After a year riddled with highly publicized CA security breaches that threatened to undermine confidence in the entire system the message is clear:  In order to build public confidence and protect the trust model that the Internet relies on every single day (over 4.5 million sites!), the CA industry must pull together and focus on improving its operations and practices while adapting to a constantly evolving technological environment.  One way we do this is by actively supporting organizations such as the CAB Forum and the Online Trust Alliance (OTA).  Coming up shortly is the Online Trust Forum in San Jose, CA on Oct 2-4.  To...
  • 4
    Created: Jeannie Warner 10 Sep 2012

    Friends Don't Let Friends Misunderstand Clouds

    This is the first in a series of ponderings I've been having about Cloud computing, how little it's understood by end consumers, and what we in the IT space need to do to better educate the people on the street. The general internet has been greedy in terms of self-interest, selling people short in its expectations of their ability to learn about concepts and ideas. However, I am idealistic enough to really believe that once people understand what is in their best interest in terms of internet security, they will tend to act in ways that support that self-interest, to the extent that they are able. And so if we wish people to act in enlightened self-interest, we need to educate the society around us. This pondering started when I read this viral article from the Business Insider, spread by Facebook: http://www.businessinsider.com/people-think-stormy-...
  • 0
    Created: FranRosch 04 Sep 2012

    Physical Security Makes Web Security Possible

    Trust on the internet isn't just a catch phrase. It's a concern that engenders policies that extend from the virtual world of security products and integration all the way down into process and physical reinforcement. It is also a daily practice at Symantec, where we back up our mission statements with concrete, measured practices. We built our datacenter facilities with a defense in depth approach, and believe in practicing what we preach regarding the standards a CA should adhere to. My leadership team demands that our infrastructure supports our strategy to be the best. We gave the folks at CNet a tour of our Operations facility where we process SSL Certificates, and showed them our model of what makes a secure facility. We are constantly investing in improvement, keeping up with the latest trends in physical security as a vital link to supporting our virtual security. Recently, CNet published the following article about what they saw on that tour: ...
  • 0
    Created: Jeannie Warner 28 Aug 2012

    Safe Surfing for Sports Season

    Keeping Your Personal Information Secure   It’s a great time for sports fans, with the summer Olympics still fresh in our minds, the NFL season kicking off, and hockey and basketball just around the corner. Unfortunately, it’s also a great time for cyber criminals who take advantage of the excitement to steal valuable personal information. A common approach, known as “phishing,” uses phony emails that inform fans they have won the “NFL Lottery” or can purchase discounted tickets. These emails often contain links to websites that look genuine but are designed to trick users into providing login and password details. Some also include attachments that can download nasty computer viruses. As scammers grow more sophisticated, users have to up their defensive game. Here are some tips to help protect against phishing attacks: Never click on links or open attachments in unsolicited emails....
  • 0
    Created: FranRosch 15 Aug 2012

    Symantec Continues to Grow Market Share in SSL

    Last week Netcraft released its monthly report on global SSL certificate issuance and market share. The report states that Symantec experienced another banner month of growth.  According to the August 2012 Netcraft report, Symantec saw the largest overall gain in net new SSL certificates. We continue to remain the overall SSL market leader with a market share of 38.4% (Netcraft, August 2012).  Our internal Symantec model actually reflects that Symantec has a much larger market share as many large Enterprises use our SSL certificates behind their firewalls where Netcraft is unable to explore.  Symantec also continues to dominate the Extended Validation (EV) SSL market segment, outpacing the competition in terms of growth while issuing 64.5% of all active EV SSL certificates today. EV SSL certificates offer the highest level of validation, and provide consumers the absolute highest level of trust in the websites they are sharing data with. It’s important...
  • 0
    Created: DeanJC 13 Aug 2012

    Next Generation Code Signing: Keeping malware off of your system

    Code signing has been around forever and was the initial step to keeping personal computer systems secure. The concept is simple: have developers digitally sign their code before it’s released so that if it turns out to be malware, we can determine who signed it and when. Then we call the FBI, arrest the malware author and clean up our machines.  On the surface this sounds pretty straightforward, but Over the last few years, it was discovered that stolen code signing certificates have been used to sign malware. No one knows for sure how the certificates were stolen but most likely, the private keys, which are stored on PCs, were not protected with good passwords and were hacked. Those keys were then used to sign code such as Stuxnet.  Stolen keys undermine code signing and something had to be done about that. Most people have heard of Extended Validation (EV) SSL certificates; an SSL certificate which displays differently in the browser, utilizing a...
  • 0
    Created: FranRosch 07 Aug 2012

    Why Your Certificate Authority Matters, Now More Than Ever

    Last week the Certificate Authority / Browser Forum (CA/B) voted down a motion to extend a deadline for its members to sign an intellectual property rights agreement (IPR). Signing this agreement is mandatory to retain membership. Those who had not signed by August 1st are no longer members of the CA/B Forum. Entrust, CyberTrust (Verizon), and Research In Motion (RIM) are among the CAs who did not, or would not sign the IPR. They’re all out. So what? What’s so important about the IPR is that it enables CAs and browsers to work together as an industry to develop improved Internet security standards without infringing on any particular organization’s intellectual property rights.  This transparent, collaborative workgroup will help drive innovation to better secure data in transit over the Internet. As a result of their inaction, the CA’s mentioned above will not have a role in forging a more secure future for...
  • 1
    Created: AllenKelly 01 Aug 2012

    Staying Safe on Social Networking Sites

    Last month, a popular social networking site fell victim to one of the industry’s largest hacking attacks, losing more than 6.5 million user passwords—including 165,000 that were cracked and posted online. Shortly after, similar password breaches occurred at a popular dating site and a popular music site. With hackers increasingly targeting social networking sites to gain sensitive user information, it’s becoming especially important for users to be cautious and mindful of their online behavior. Because chances are, the passwords that many people use to log in to their social networking accounts are the same ones they use to access other online accounts, including banking or other transactional sites. Want to make sure your next social networking session is a safe one? Here are a few tips...