I've recently written an article for November/December's TechNet Magazine which looks in detail at how to secure both your web server and transactions between it and your customer's browser(s).
It's pretty technical and is approximately two and a half thousand words. I show you step by step how to implement the Public Key Infrastructure components of a Web Server certificate, application layer firewalling and also examine how your security policy should be tailored to support this type of access.
The article and entire magazine are available free of charge for download - just browse to TechNet Magazine to see for yourself. Please add a comment if you'd like to give feedback re. this article and for suggestions of future articles.
Thank you to Steve Riley (Microsoft) for kindly agreeing to review the article prior to publication. Steve's also an avid blogger - check out his post listing many free online videos of some great security sessions.
Thanks also to the TechNet Magazine team including Joshua Hoffman - technical & acquisitions editor
A CHM file download - http://www.microsoft.com/technet/technetmag/htmlhelp.aspx and