Securing Team Foundation Server
Security for Team Foundation is integrated with Windows authentication and based on users and groups. Windows authentication is used to authenticate accounts for connections between Visual Studio Team Foundation Server and clients of Team Foundation. In addition, authorization in Team Foundation Server is based on users, groups, and permissions in Team Foundation Server. You can increase the security of your deployment in several ways, which include the following tasks:
assigning permissions to users and groups
understanding the underlying architecture of your deployment
increasing the security of the network ports and traffic between clients and servers
You can configure your deployment to use Hypertext Transfer Protocol Secure (HTTPS) with Secure Sockets Layer (SSL). If you use HTTPS with SSL, network traffic is encrypted between Team Foundation Server and the clients that request access to its resources, which include team project portals, reports, and work items. You can configure your deployment to support HTTPS with SSL in addition to HTTP, or you can require users of Team Foundation Server to use HTTPS with SSL.