Filter by Category

Is FTP Dead?

Should you use FTP for your file transfers?

Is FTP still a viable option for sending file transfers? While organizations across all industries have started shifting to secure FTP protocols like SFTP and FTPS, a surprising number of businesses still use FTP to transfer sensitive documents across internal and external networks. The search “how to use FTP” comes up with over 163 million results on Google, for example, versus only 29 million for the more secure “how to use secure FTP” search. Why? People are always on the lookout for free or open-source software that will help them do their job quickly and efficiently, and FTP is no exception.

While it may sound counterintuitive, FTP is a dying protocol. Created in the 1970s, FTP was only meant to be used during the early years of the internet—back when security concerns weren’t as prevalent and data breaches were almost non-existent. Almost 50 years have passed since 1970, but while much has changed, FTP has not kept up with modern security standards. It’s a cheap but terribly outdated option for organizations today.

Consider it this way: if you wouldn’t use an old, unsecure desktop computer from the 1970s to do your job, it’s probably safe to say you shouldn’t use FTP either.

The Negative Effects of FTP on Today’s Industries

Some professionals are aware that FTP isn’t ideal but don’t understand how dangerous it is. If you fall in this category, here are a few news articles on FTP you should read to help enlighten FTP’s risks.

1. 2019: ProFTPD, a popular open-source FTP server application used by millions, is affected by a serious vulnerability. (Remember: Open-source software can be risky vs. an enterprise-level solution.)

2. 2018: MedEvolve exposes 205,000 patient records through a misconfigured FTP server. These records were not password protected.

3. 2017: FBI warns healthcare organizations to increase FTP server security. They state that “the FBI is aware of criminal actors who are actively targeting FTP servers.”

4. 2010: 43,000 names and SSNs of Yale affiliates are shared when Google starts to include FTP servers in its search results. This information was not encrypted.

Help Net Security also reports that, according to survey responses, 40% of organizations claim file sharing services like FTP sites have caused an employee-driven data breach.

Other FTP Considerations for IT Professionals

FTP isn’t authenticated:

When you send files over FTP, information like your user ID and password are sent as plain text. Files are sent “in the clear,” which means it’s not coded, scrambled, or protected in any way. Any information sent through FTP is extremely vulnerable to any hacker (or even others in your organization) who uses a packet tracer on your network.

Unfortunately, there’s no real way to circumvent this lack of FTP authentication. FTP cannot be propped up with crutches or temporarily patched. To improve the situation, you either need to use separate encryption software to secure your data or make the move to a secure FTP server and client.

FTP isn’t maintained or updated:

While organizations still opt to use FTP, this protocol was never intended to be used in 2019. Other file transfer protocols, like FTPS, SFTP, HTTPS, and AS2, have since been created to replace FTP and protect data in transit between recipients.

Even if you’re happy with FTP use, that’s often not enough to remain in line with business requirements. Many data security standards and regulations now expect organizations to use modern protocols when passing data to their trading partners and clients.

The Bottom Line of FTP Use

FTP is dying a slow death. Organizations are transitioning steadily to secure methods of file transfers in order to meet compliance requirements, trading partner requests, data security standards, and customer/public expectation. While FTP may be around for many more years, it’s always a good idea to avoid the temptation of free or open-source FTP tools and invest in a secure solution.

Go Beyond FTP: Secure Your Data with SFTP

If you’re using FTP, there’s good news. You don’t have to blindly make the switch from FTP to secure FTP! Use this free white paper to explore how bringing your FTP implementation into a modern framework can help protect your data, simplify your file transfers, and prevent data breaches.

Read the White Paper

Related Posts


10 Essential Tips for Securing FTP and SFTP Servers

Most organizations use FTP or SFTP servers to exchange files and other critical business documents with their trading partners. Unfortunately, these servers have become a primary target for hackers,…


Are SFTP and FTP the Same?

The Key Differences Between SFTP and FTP Are SFTP and FTP the same? While they originate from the same ballpark, the answer to this question is ultimately NO. Secure File Transfer Protocol or…


Are SFTP Files Encrypted?

Are SFTP Files Encrypted? The definitive answer to “Are SFTP Files Encrypted,” is yes! SFTP, short for Secure Shell (SSH) File Transfer Protocol is a network protocol organizations use to secure…


Everything You Need to Know about FTP Automation Software

So, you want to automate your FTP file transfers. Whether you send a dozen file transfers a week, hundreds a day, or even more, automation is a smart step for most businesses. The benefits are…


Five Secure File Transfer Alternatives to FTP

The Need for Secure File Transfer ProtocolsBack in the day, File Transfer Protocol (FTP) was the go-to protocol for sending files. It was a simpler time, and security was far less of an issue than it…