Plan encryption method for Project Server 2007
Updated: May 7, 2009
Topic Last Modified: 2009-04-27
We recommend that you configure Internet Information Services (IIS) to use Secure Sockets Layer (SSL) for increased security. If you do not configure IIS to use SSL, potentially sensitive data is sent in plain text between the clients and servers on your network. We recommend that you configure servers to use the IP Security (IPSec) protocol for server-to-server communication.
If you are using forms authentication, by default the password is sent in plain text. You should plan to encrypt this information. You can either use SSL or configure the ASP.NET
<forms> element to encrypt the forms authentication password. For more information, see INFO: Help Secure Forms Authentication by Using Secure Sockets Layer (SSL) (http://go.microsoft.com/fwlink/?LinkId=73258) in the Microsoft Knowledge Base.
This topic is included in the following downloadable book for easier reading and printing:
See the full list of available books at Downloadable content for Project Server 2007.