Filter by Category

Why You Should Never Use FTP to Transfer Cloud Files

FTP is an unsecure method of transmitting cloud files

The cloud has become an increasingly popular topic among organizations in recent years. From sharing projects via cloud collaboration tools to exchanging files between a company and its trading partners using cloud storage buckets, cloud computing platforms like Microsoft Azure and AWS offer users a lot of flexibility over their day-to-day business processes.

These platforms, however, are not free from today’s cybersecurity considerations or risks. As organizations move a portion of their file transfer processes to the cloud to meet evolving trading partner requirements, they should take a good look at their file transfer protocols and practices to ensure a modern standard of security is met with the movement of their sensitive files.

One search term (on Google, Bing, etc.) often seen for cloud file transfers today is around FTP. Organizations are wondering if they can send files to their trading partners in the cloud using FTP—or they are looking for a free FTP solution to get the job done.

Should you exchange files in the cloud using an FTP client or server? Unless you’re sending files that aren’t sensitive in nature, the answer is no: FTP is never recommended for cloud file transfers. Not only is FTP an outdated protocol that lacks security options to protect your data, it opens organizations to cyberattacks and packet tracer tools.

If you’re still on the fence about using an FTP tool to quickly meet trading partner requirements in the cloud, though, here’s what you should know about FTP cloud file transfers:

1. FTP sends sensitive credentials in the clear.

FTP does not have good authentication to send or retrieve data. User credentials are sent as plain text, and information, like files and other documents, are transferred via FTP ‘in the clear.’ This means your information isn’t encrypted, and any hacker with a packet tracer could easily lift credentials from your connections.

2. FTP doesn't contain security functions like encryption.

FTP does not encrypt the tunnels that are created to send and retrieve files. Anyone watching a network would be able to see all files, sensitive and non-sensitive, that pass between your organization and your trading partners in the cloud. This doesn’t mean just hackers. Employees, vendors, and contracts may also be able to see what you’re sending.

3. FTP lacks modern cybersecurity considerations.

FTP was created in the 1970s when the internet was just getting started. This was a time with far fewer cybersecurity concerns due to the infancy of the world wide web. However, the internet is an entirely new landscape in 2019. Organizations constantly struggle to keep up with the rapid development of modern technology while also protecting the growth of information sharing from new cyber threats, including malware, spear phishing, and exploiting back door vulnerabilities.

Because of this, FTP is simply not equipped to handle modern security needs. At a minimum, file transfers should be encrypted and employ multi-factor authentication. A secure file transfer protocol like SFTP or FTPS is infinitely better than FTP and will still meet your needs for affordable file transfers.

4. The cloud does not absolve you from focusing on security.

Cloud computing platforms like Microsoft Azure and Amazon Web Services do offer some security services out-of-the-box, but those security features should not replace the basic security practices your organization follows. This is especially important to note if you need to comply with state or federal data security standards. FTP will simply not satisfy those requirements.

Look into what your cloud computing platform offers for file security, but never depend on it (or your trading partners) to fully to protect your sensitive data. Good cybersecurity is a two-way street. Being aware of the pitfalls and doing your best to bridge them will go a long way toward creating and maintaining strong cloud file transfer practices in your organization.

The Bottom Line: Ditch FTP for Something Better

Not being able to rely on FTP for your cloud file transfers may be disheartening, especially if you can’t afford the budget for a dedicated file transfer solution. But there’s some good news: affordable secure FTP client/server software for cloud transfers does exist!

In fact, SFTP, FTPS, and managed file transfer (MFT) solutions are abundant in today’s marketplace. There are reasons to avoid free tools (you can read about this here), but with modern resources at hand, you have plenty of options to keep you from falling back on FTP for your cloud file transfers.

Want more information on FTP and secure FTP?

Use this free resource to learn how to bring your FTP implementation into a more modern, secure framework. You’ll explore why FTP puts your data at risk and learn how to make your file transfers easier for you and your end users.




Add a Comment

Allowed tags: <b><i><br>

Latest Posts

What’s the Difference Between GoAnywhere 6.0 and 6.1?

May 20, 2019

We’re excited to share that GoAnywhere 6.1 is now available for download! The newest version of our managed file transfer solution includes over 30 new features, such as X12 data…

How to Encrypt Files in Linux

May 16, 2019

If your organization uses Linux operating systems to run key business processes, it’s important to implement tried-and-tested Linux security practices that support critical files as they…

Everything You Need to Know about FTP Automation Software

May 9, 2019

So, you want to automate your FTP file transfers. Whether you send a dozen file transfers a week, hundreds a day, or even more, automation is a smart step for most businesses. The benefits are…

15 Ways to Avoid Document Chaos with Secure Forms

May 9, 2019

Vendors, employees, customers, and trading partners exchange an abundance of files every day, often by a variety of means including mail, email, telecomm apps like Skype, shared file storage like…

How to Prevent Data Breaches with MFT | Checklist and Plan

May 2, 2019

You know what a data breach looks like in the movies. A character’s computer is suddenly overtaken by lines of green code. Windows and browsers pop up at lightening speed, as if the PC itself…