This page is maintained for older versions of KronoDesk only. The latest documentation can be found at:

KronoDesk Administration Guide Help Viewer

2.3. Security Considerations

It is important to note that by default, all web pages served by IIS using the HTTP protocol are unencrypted, and as such, the usernames and passwords used by KronoDesk® to log into the application can be read by network sniffing tools. If you are using KronoDesk® purely within an intranet environment, this may not be an issue. However if you are externally hosting KronoDesk® onto a publicly accessible website, we recommend installing a Secure Sockets Layer (SSL) encryption certificate, and restricting all web-traffic to the secure HTTPS protocol instead. For details on how to perform this task, please refer to Appendix B - Installing an SSL Certificate.