Sample size of one, but I worked at a medium sized company that had an Enterprise certificate they used to distribute internal apps to internal employees, and the few individuals who were given the keys to sign these binaries were told the warning about what they could and could not do with them. It was made crystal clear that if we abused that cert, Apple could revoke it and put us into a world of pain.
If some rogue team just got ahold of the certificate and keys and signed binaries meant to be distributed to the public, it meant either a major internal security failure or a willful disregard of Appleās policy on enterprise distribution.
If some rogue team just got ahold of the certificate and keys and signed binaries meant to be distributed to the public, it meant either a major internal security failure or a willful disregard of Appleās policy on enterprise distribution.