I am currently migrating to EPM 2018.3 with a side-by-side migration. I chose to start fresh instead of using our existing database. One of the changes I'd like to make is using HTTP for all packages instead of a combination of HTTP/UNC. Since Mac packages require HTTP and the CSA does as well, it seems to make the most sense.
Are there any caveats to only using HTTP?
Currently, the default HTTP settings leave everything accessible to any user on our network. Although users can't install software, they could easily find information that they shouldn't, such as license keys. Is there a recommended way to make this more secure without causing problems during package and patch deployment?