Sitefinity has released 7.2 in the last few days. I found this release to be quite secretive. There was never any Road Map posted for it and as I write this the Road Map is still talking about 7.1. There is some very cool features in this release. Yet, to be honest, I am at the same time wowed and ho-humm'd about the release.
Sitefinity has good security out of the box but the one thing they can't do and you should do is secure the log on page. Even for a simple site you can get a free SSL cert or very cheap ones. They aren't high quality but they are far superior to the open plain text you are sending without them. There are also a few other steps you can take to make your site more secure.