With the increasing amount of AJAX being used these days a lot of people are creating a security hole and many of them haven't really even thought about it. Sure you have a site where people log-in. You have protected your directories with ASP.NET security but what about the services?
My colleague Rob Bagby and I put together a screencast for you with the 7 steps to secure your RESTful WCF service. You can see it now on endpoint.tv.