I'm writing a client/server that will allow Customer Data to be shared between our head office and on-the-move sales folks within the company.
The server downloads and writes the customer data in XML files but also keeps the data in memory so that it can act as a local client as it were.
I'm planning to Serialize the ArrayList so that the customer data can be easily sent across the internet. How secure is this? Should I look into some form of encryption before I transmit the Serialized object?
I wouldn't perform the encryption as part of the Serialisation.
There are two issues here:
1 and 2 are separate problems and combining them into a single solution will only create problems for yourself in future.
I would use out of the box Serialisation and then use a secure transmission channel, like TLS.
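The separation described in the answer above, as an added example that is not code from the question or the answer: the serialisation methods only see a stream, and TLS is applied by the channel underneath. It assumes Java (the thread does not name the language) and customer records held as strings; the class and method names are hypothetical.

```java
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;
import java.util.ArrayList;

public class CustomerTransfer {
    // Serialisation only: writes to any OutputStream, unaware of encryption.
    static void writeCustomers(ArrayList<String> customers, OutputStream out) throws IOException {
        ObjectOutputStream oos = new ObjectOutputStream(out);
        oos.writeObject(customers);
        oos.flush();
    }

    // Deserialisation only: the filter limits which classes the stream may instantiate.
    @SuppressWarnings("unchecked")
    static ArrayList<String> readCustomers(InputStream in) throws IOException, ClassNotFoundException {
        ObjectInputStream ois = new ObjectInputStream(in);
        ois.setObjectInputFilter(ObjectInputFilter.Config.createFilter(
                "java.util.ArrayList;java.lang.String;java.lang.Object;!*"));
        return (ArrayList<String>) ois.readObject();
    }

    // Transport only: a TLS socket with certificate hostname verification enabled
    // (SSLSocket does not check the hostname unless asked to).
    static SSLSocket openTlsChannel(String host, int port) throws IOException {
        SSLSocket socket = (SSLSocket) SSLSocketFactory.getDefault().createSocket(host, port);
        SSLParameters params = socket.getSSLParameters();
        params.setEndpointIdentificationAlgorithm("HTTPS");
        socket.setSSLParameters(params);
        socket.startHandshake();
        return socket;
    }

    public static void main(String[] args) throws Exception {
        ArrayList<String> customers = new ArrayList<>();   // constructed sample data
        customers.add("Example Customer Ltd");
        customers.add("Sample Trading Co");

        if (args.length == 2) {  // host and port of your own TLS server
            try (SSLSocket socket = openTlsChannel(args[0], Integer.parseInt(args[1]))) {
                writeCustomers(customers, socket.getOutputStream());
            }
        } else {  // offline round trip through memory: same serialisation code, no network
            ByteArrayOutputStream buf = new ByteArrayOutputStream();
            writeCustomers(customers, buf);
            System.out.println(readCustomers(new ByteArrayInputStream(buf.toByteArray())));
        }
    }
}
```

Run with no arguments for the in-memory round trip, or with a host and port to send the same bytes over TLS; the server certificate must chain to a CA in the JVM's default trust store.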