It’s more of a security posture issue. Hopefully, we’re not using Production Data in the Dev instance. If so, then we are passing user credentials in the clear. If people are reusing their Kinetic and Windows passwords, they can be easily sniffed out by a threat actor. I know we feel “safe” in our networks but owners of Barracuda, CISCO, FortiNET, Progress, and most recently Ivanti edge devices are learning why it’s important to encrypt your internal networks.
Having a trusted certificate is really the best way forward. It makes working with outside services like PowerBI, Automation Studio, Azure, etc. possible. I have even noticed that both SQL Server Management Studio or Azure Data Services are starting to warn us if our SQL Servers don’t have a valid cert.
The next challenge with certs will be when Google reduces the lifetime to just over 90 days. Imagine having to have to distribute self-signed certs every quarter. There are ways to handle this like using https://certifytheweb.com or use almost free services within Azure.
It’s time to get ready for the future.
