You need to be constantly aware of risks associated with giving access to users outside the company. This is especially true with Web traffic that is traversing numerous unknown and possibly unsecure networks. Network packet analyzers are constantly looking for key words and phrases such as "username" or "password". Using Secure Sockets Layer (SSL) encryption you can make sure that authentication of the Web folders on their IIS servers is not being passed in the clear. |