One important note is to use pip>=1.3 (included in virtualenv>=1.9) as prior to this version, pip downloaded from pypi using http and was thus vulnerable to man in the middle attacks.

You might also like to check out wheel, which allows you to compile signed binary distributions that you can install using pip.