○ Use an SSL certificate (HTTPS)
With SSL confidental information will be send encrypted so that private information cannot be intercepted. Websites with a SSL certificate can be recognized by HTTPS in the link.
The certificate is default for aNewSpring environments which are created after 21 October 2015. When your environment is created before that date, you can set the certificate manually at the Settings tab.
Enable HSTS if you always want to enforce a secure connection. You can find more information about it at xolphin.com.