Access to the QMWISe method(s) should be made as secure as possible. If the data passes between your application can be encrypted using SSL, it is recommended that you do so. If your Perception environment also contain high-stakes assessments, it is recommended that you limit the communication between QMWISe and other servers to only known trusted servers. This can be done by controlling access using IIS. Questionmark recommends that basic authentication is used over SOAP headers.
This chapter discusses the security options that are available for QMWISe and is divided in to: