make Sophos Endpoint updates by WebCID possible over HTTPS
Please make it possible to use HTTPS for WebCID updates of the product Sophos Endpoint Protection. Now only HTTP is possible, this is undesirable because authentication details (credentials) are being sent over the internet in plain text.
Paul Mattias commented
Please allow HTTPS updates for access from computers outside the Enterprise. In order to be compliant with our Sophos agreement regarding one home use installation client we needed to install a SUM in our DMZ. We use the client's AD account to determine if they can access the SUM. That way if a client's account it terminated, they can no longer receive updates. However, we are concerned with the transmission of the client plain text credentials over HTTP as anyone monitoring the line can capture that information. Please allow this feature soon!
I would also that it is possible to update via https.