What is Secure FTP?

Secure FTP

Coviant Technology Briefs

What is Secure FTP (File Transfer Protocol)?

FTP is a file transfer protocol that does not include any options for encrypting data in transit. It was originally designed for use in private scientific and research networks and is based on a specification defined in 1985 by the Internet Engineering Task Force in RFC 959. FTP uses two connections to send data. Authentication data (e.g., usernames and passwords) is exchanged on a command channel. Data files are sent on a separate channel that is established after the authentication is complete.

Secure FTP is a broad term that refers to two different technologies that can encrypt both authentication information and data files in transit.

  • FTPS refers to secure FTP that uses SSL or TLS for encryption. FTPS is very similar to FTP and uses extensions to FTP that add support for the Transport Layer Security (TLS RFC 4217) and Secure Socket Layer (SSL RFC 2228) protocols. Like FTP, FTPS uses two connections – a command channel and a data channel. You can choose whether to encrypt both connections or only the data channel.
  • SFTP refers to the use of Secure Shell or SSH network protocol to exchange data over a secure channel. Unlike FTP and FTPS, the SFTP protocol is only a draft specification, which can cause small incompatibilities between SFTP client and server implementations. SFTP uses only one connection and encrypts both authentication information and data files being transferred.

Secure FTP protocols protect data only while it is being transmitted. Once data files have been written to a secure FTP server, the data is no longer protected unless the files were encrypted before transmission. A typical scenario is to encrypt files using a tool like PGP and then transmit using either SFTP or FTPS. 


Contact Us

If you are currently using secure FTP protocols or are considering it for the future, drop us an email to info@coviantsoftware.com or call 781.210.3310 x1.

Don’t Be the Victim in Your Own DIY Horror Story

I recently read a horror story that could have been written by Stephen King… if the King of Horror were an IT nerd. The story’s protagonist was a systems engineer who worked for a small managed services provider with clients in government. He was the kind of person...

Take a Walk Down Main Street: The Local Gas Station-Convenience Store

Can Energy & Retail Companies benefit from MFT Software Solutions? When you think about the energy industry, the big global brands come to mind. Multi-billion-dollar organizations like ExxonMobil, Royal Dutch Shell, and Total are known worldwide and dominate the...

Another Object Lesson in Poor Data Management

Technology lifecycle management is a security imperative. In what is yet another example of a large organization overlooking this responsibility, financial services firm Morgan Stanley was hit with a $60 million class action judgment after failing to properly manage...

Managed File Transfer Resolutions for 2022

It’s a new year and time for new beginnings. Maybe you’ve taken the time to look back over 2021 and assess your choices and have resolved to do better. And maybe one of those areas of improvement is to let go of the need to handle your file transfers manually, and...