Secure FTP

Secure File Transfer Protocols help you transfer data within and outside of your organization safe in the knowledge that your information is protected. Learn about the top secure FTP options and how you can start securing your file transfers.

What is Secure FTP?

File Transfer Protocol (FTP) is a network protocol used to transfer files between clients and servers. Secure FTP takes the basic function of FTP – file transfers – and makes it more secure. Since FTP is not secure in and of itself, it is often secured with SSL/TLS (to become FTPS) or replaced with SFTP (SSH File Transfer Protocol).

Is FTP Dead?

What is Secure FTP?

FTP still exists today but, while a surprising number of people still use it to move files from A to B, it is no longer the more secure way to transfer files. Developed in 1970, FTP has not kept up with security standards and tends to be an antiquated option for sharing files.

Why do users continue to employ FTP? It’s often free, and open-source FTP software does not require much digging to find.

Why shouldn’t you use FTP?

  • Authentication. FTP isn’t authenticated, meaning information including your ID and password are sent as plain text, rather than encrypted.
  • Maintenance. FTP was never intended to be used forever, and other file transfer protocols have sprung up to replace FTP and protect data.
  • Compliance. FTP is not robust enough to meet many of today’s business and compliance requirements. New data security standards and regulations stipulate the minimum requirements for secure data transfers – and FTP is not one of them.

Should You Replace your FTP Scripts?

As cybersecurity is increasingly top-of-mind for organizations, many are moving away from FTP to file transfer tools that are secure, easy to use and maintain, and include more features. The benefits of replacing legacy scripts and FTP including gaining the ability to centralize your workflows, automate your data movement, easily meet compliance regulations, and overall secure your transfers. Keep Reading   

Try Secure FTP Software Today

Looking for the best FTPS, SCP, or SFTP server for your file transfer needs? Learn how GoAnywhere MFT can help you achieve your file transfer goals with secure FTP clients and servers for Windows, Linux, IBM i, and other platforms.

Learn More   

Secure Alternatives to FTP

Secure alternatives to FTP

AS2

AS2, part of the Applicability Statement family, is one of the top file transfer protocols for Electronic Data Interchange (EDI) information. AS2 uses a secure TLS layer to secure data in transit and gives users the option of using a digital certification for authentication.

Learn more about AS2


HTTPS

HTTPS (Hypertext Transfer Protocol Secure) is a secure version of HTTP, offering certificate authentication, encrypting a website’s inbound traffic, and using a TLS encryption layer for data integrity and privacy. HTTPS protects the identity, account details, payment information, and other sensitive details on behalf of web visitors.

Learn more about HTTPS


SFTP and FTPS

Secure Shell (SSH) File Transfer Protocol (SFTP) and File Transfer Protocol over SSL/TLS (FTPS) are two of the better-known secure protocols.

SFTP FTPS
Ports Uses only port 22. Uses multiple port numbers; one for the command channel, and an additional port on the data channel for every file transfer request or directory listing request.
Authenticating connections Choice to use a user ID and password to connect to an SFTP server or to use SSH keys with or instead of passwords. Uses TLS/SSL to encrypt server connections and X.509 certificates to authenticate the connections.
Authentication Algorithms like AES and Triple DES are used to encrypt transferred data.
Speed Control and synchronization packets are sent on the same channel as data packets, which may cause SFTP to be slightly (but not significantly) slower than FTPS. Was designed to be more speed-friendly, with the control and data channel running asynchronously.
Implementation Considered the easiest secure FTP protocol to implement. Can be difficult to patch through a tightly-secured firewall.

Related reading: SFTP vs. FTPS: What’s the Best Protocol for Secure FTP?


What is FTPS?

FTPS allows you to connect securely with your trading partners, customers, and users. To verify authenticity, FTPS uses a combination of user IDs, passwords, and certificates. FTPS uses TLS to encrypt server connections, X.509 to authenticate connections, and AES and Trip DES to encrypt file transfers.

Related reading: What is FTPS?

What is SFTP?

SFTP, which stands for SSH File Transfer Protocol or Secure File Transfer Protocol, works over the Secure Shell (SSH) data stream to establish a secure connection and provide organizations with a higher level of file protection. Unlike FTPS, SFTP only needs a single port number (port 22) to establish a secure connection. SFTP works in Windows, Linux, and most other major platforms.

Related reading: How SFTP Works

How Secure is SFTP?

Is SFTP secure enough for you? While SFTP doesn’t require two-factor authentication, you do have the choice to require both a user ID and password, as well as SSH keys, for a more secure connection.

Managed File Transfer

Managed file transfer supports most file transfer protocols, including AS2, HTTPS, SFTP, and FTPS, to secure the exchange of information between users. Managed file transfer includes an extensive list of security features, including encryption for files in motion and at rest, and supports workflow automation, file transfer monitoring, notifications, and auditing. Enhance your team’s productivity in multiple ways while keeping security at the forefront.

Learn more about managed file transfer

More about secure alternatives to FTP   

How to Secure FTP and SFTP Servers

How to secure FTP and SFTP servers

Are FTP, FTPS, or SFTP servers secure? The number one way to secure your FTP servers is to stop using FTP. If standard FTP is running on your server, you should disable it as soon as possible; FTP is over 30 years old and isn’t meant to withstand the modern security threats we face today. FTP lacks privacy and integrity and makes it easy for a hacker to gain access and capture or modify your data while it’s in transit.

Secure your SFTP and FTPS servers with these steps:

  1. Use strong encryption and hashing. such as with SFTP and FTPS. Opt for strong ciphers like AES and TDES, or SHA-2 family algorithms for verifying transmission integrity, and disable any older, outdated ciphers like Blowfish and DES.
  2. Place your servers behind a gateway. Many organizations store their FTP servers in the DMZ, a public-facing segment that is easy to attack. Using an enhanced reverse proxy like a DMZ Secure Gateway keeps files and credentials in the private network, rather than opening inbound ports.
  3. Implement IP Blacklists and Whitelists. An IP blacklist allows you to deny system access to a range of IP addresses, either temporarily or permanently. If your trading partners use fixed IPs, you can whitelist their specific IP addresses.
  4. Harden your FTPS Server. Avoid using Explicit FTPS unless you force encryption for the authentication and data channels, and do not use any version of SSL or TLS 1.0. Plus, you should use Elliptic curve Diffie-Hellman key exchange algorithms.
  5. Set secure user policies.
  6. Require and use strong passwords.
  7. Implement file and folder security. Limit folder access to only the essentials. Encrypt files at rest, especially if they’re stored in the DMZ, and retain files on the FTP server only as long as needed.
  8. Lock down administration. Restrict admin duties to a limited number of users and require to use multi-factor authentication. Avoid easy-to-guess admin user IDs like “root” or “admin,” and protect passwords by storing them in an AD domain or LDAP server.

More best practices: 10 Essential Tips for Securing FTP and SFTP Servers

FTP and the Cloud

Can you exchange file send files in the cloud using an FTP client or server? Unless you’re sending files that don’t contain sensitive information, the answer is no. FTP is never recommended for cloud file transfers. Not only does FTP lack the features needed to protect the data you’re transferring, it can also open organizations to cyberattacks.

What’s a better way to transfer your cloud data? SFTP might be your answer: an SFTP server requires trading partners to authenticate in two different ways. They can either use an ID and password, all encrypted over the SFTP connection, or they can validate with an SSH key or SSH key/password combo. SFTP implementation tends to be just as simple as implementing FTP in your organization.

MFT in the cloud

Secure FTP Software

Secure FTP software protects sensitive file transfers with strong encryption and authentication methods, which creates encrypted tunnels between client and server systems. Secure FTP services help your organization with:

  • Automation. Automating your file transfers cuts down on user errors, reduces or eliminates the need for scripts, and frees up manual time spent creating and maintaining jobs.
  • Audit reporting. Track your all your file transfer activity with a secure FTP service to maintain compliance with regulations and privacy laws.
  • Administration. An easy-to-navigate interface simplifies administrative tasks, including user access, file transfer overviews, and role management.
  • Clustering for scalability and disaster recovery. Meet any volume of file transfer with clustering technology that allows processes to be distributed across multiple systems for load balancing.
  • Key and certificate management. Easily import and export SSH keys and SSL certificates with an intuitive interface, and receive notifications ahead of key expiration dates.

Discover Secure FTP Software   

Secure FTP and Managed File Transfer

Learn how to bring your FTP implementation into a more modern, secure framework. Discover how managed file transfer can make your file transfer processes smoother than ever before.