All application data transmitted to and from the client browser is encrypted using the web server’s built-in SSL (secure socket layer) encryption. This standard security ensures that no one can see your data as it passes over the public Internet or over your private intranet and local area networks.
Applications generated by Iron Speed Designer are run in conjunction with a standard Microsoft IIS web server, which uses port 80 and 443 to serve pages to application users. Data collected from an application user is passed through the web server to the application and then to the database, using a standard N-tier architecture. The N-tier architecture ensures that your database is not connected directly to the application user.
Moreover, Iron Speed Designer does not generate any appreciable client-side scripting code that contains data access logic. All data access code is in the Data Access Layer, so that malicious application users cannot reverse engineer the data access mechanisms.
The issue of SSL and security certificates is orthogonal respect to Iron Speed Designer. Any application, whether Iron Speed Designer-generated or hand-created, or for that matter .NET, Java, or HTML, can be SSL-enabled by simply configuring the web server to support SSL (https) and providing a security certificate.
This link has useful information on configuring SSL (https) for your web server:
http://www.petri.co.il/configure_ssl_on_your_website_with_iis.htm
Configuring Your System for Application Security
Configuring Microsoft IIS for Application Security
Active Directory Role Management
Microsoft Authorization Manager (AzMan) Role Management
Configuring Microsoft Authorization Manager (AzMan)
Handling SQL Injection Attacks