Securing Team Foundation Server
Security for Team Foundation is integrated with Windows authentication and based on users and groups. Windows authentication is used to authenticate accounts for connections between Visual Studio Team Foundation Server and clients of Team Foundation. In addition, authorization in Team Foundation Server is based on users, groups, and permissions in Team Foundation Server. You can increase the security of your deployment in several ways, which include the following tasks:
Assigning permissions to users and groups.
Understanding the underlying architecture of your deployment.
Increasing the security of the network ports and traffic between clients and servers.
You can configure your deployment to use Hypertext Transfer Protocol Secure (HTTPS) with Secure Sockets Layer (SSL). With this configuration, network traffic is encrypted between Team Foundation Server and the clients that request access to its resources, which include team project portals, reports, and work items. You can configure your deployment to support HTTPS with SSL in addition to HTTP, or you can require Team Foundation Server users to use HTTPS with SSL.