SFTP (also known as Secure File Transfer Protocol and SSH File Transfer Protocol) is a network procedure that allows for the secure access, transfer, and management of electronic files over a data stream. SFTP is able to ensure the safe transfer of files through advanced data and command encryption used to safeguard information and passwords.
FTP (File Transfer Protocol) has traditionally been the go-to method for transferring files – but without the ability to provide data encryption and secure storage, a standard FTP leaves much to be desired. Designed by the Internet Engineering Task Force (IETF) as an extension of the Secure Shell Protocol version 2.0, SFTP was created and crafted to provide a secure and reliable business solution for the transfer of confidential files.
Traits of a Secure File Transfer System
In Motion: Whenever you send files via FTP, your information is being transferred – including your username and password. This information can easily be intercepted and viewed by 3rd party intruders with free and easy to access software. With the right encryption technologies, you can render this information unreadable to those equipped with these dangerous and intrusive tools.
At Rest: Your files are not only at risk during a file transfer. Transferred files tend to end up in a transfer server – where sensitive data is in abundance. Hackers with ill-intent would rather attack a server instead of files in transit as it provides more opportunities to uncover confidential information. A truly secure SFTP will allow you to encrypt your data during transit and storage.
While keeping unwanted viewers away from your sensitive data is important – it is also beneficial to prevent file alteration. Keeping the integrity of your data is paramount in proving a secure system – and your SFTP system should be able to detect and prevent unauthorized access and/or alterations made to any file.
User authentication and security measures are essential to any secure IT system. A Secure FTP system will generally come with multiple controls to manage and limit the accessibility of files. Some preventative measures include:
- Username & password access
- Strong password requirements
- IP-based access
- User defined permissions
If you would like to increase the strength of your own passwords – be sure to read our article on secure password generators.
This one is a no-brainer. Viruses and malware love to hang out in files – and that is exactly what you are managing and transferring. Having a solid antivirus software is essential in providing a preventative and proactive solution against hidden threats.
Event Logs & Audit Trails
Event logs and audit trails are important in the world of IT security – and your SFTP is no exception. Should a security breach or system failure occur, it is extremely beneficial to know who and what may have caused it. Event logs are not only fantastic for pinpointing issues – it is also a phenomenal way to:
- Ensure security best practices
- Discover vulnerabilities
- Stay compliant with industry regulations
If you are interested in learning more about SFTP and how it works within our document management solutions – contact us today!