Certificate Authority Best Practices
Security should be the #1 priority for all Certificate Authorities. However, the CA security breaches of 2011 demonstrated that not all CAs are created equal and that the industry must raise the bar to ensure the long-term sustainability of the PKI for SSL trust model that the Internet relies on every single day. CAs must invest in infrastructure and commit to making security their first priority.
Now more than ever, it is critical to partner with a CA that has infrastructure security measures in place to defend itself, and your data, from emerging cyber-threats. Symantec, the #1 provider of SSL, is leading the drive to adopt and enforce stricter standards across the PKI ecosystem. By implementing a world-class certificate infrastructure and protecting it with robust security measures, Symantec and all other CAs can provide the greatest assurance possible that their certificates—and the organizations that use the certificates—are genuine and secure. (Based on Netcraft web analysis conducted in May 2012).
The Symantec CA operates from a security-first policy because protecting people and information is not just a business. It is our mission. We strongly believe that security by convenience is no security at all. Developing and maintaining a strong security posture is not easy. It takes time and experience; you can’t build a global trust model overnight. But in times like these, it is absolutely necessary.
Symantec secures more than one million web servers worldwide, more than any other Certificate Authority. 75% of the 500 largest e-commerce sites in North American and 93 of the 100 largest financial institutions worldwide that employ SSL certificates use Symantec.* These organizations trust Symantec because of our unwavering commitment to security.
* includes Symantec subsidiaries, affiliates, and resellers